Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-38873. PoCs published by K9-Modz.
AI-analyzed exploit summary This repository provides a detailed technical analysis of a Clickjacking vulnerability (CVE-2023-38873) affecting the G1 website, including mitigation strategies and references to OWASP and MITRE ATT&CK frameworks. It describes the exploitation mechanism but does not include functional exploit code.
Description
The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.
Exploits (1)
This repository provides a detailed technical analysis of a Clickjacking vulnerability (CVE-2023-38873) affecting the G1 website, including mitigation strategies and references to OWASP and MITRE ATT&CK frameworks. It describes the exploitation mechanism but does not include functional exploit code.
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N