CWE-1021 (Improper Restriction of Rendered UI Layers or Frames) — Vulnerability Class 110

110 vulnerabilities classified as CWE-1021 (Improper Restriction of Rendered UI Layers or Frames). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3254 | Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLab | 3.5 | Low | 2026-04-22 |
| CVE-2026-2378 | Address bar spoofing risk in ArcSearch on Android — ArcSearch | 7.4 | High | 2026-03-20 |
| CVE-2025-62328 | HCL Nomad server on Domino is affected by a missing default frame-ancestors directive — Nomad server on Domino | 3.7 | Low | 2026-03-11 |
| CVE-2025-58405 | Lack of protection mechanisms against Clickjacking attacks — CGM CLININET | 6.5 (AI) | Medium (AI) | 2026-03-02 |
| CVE-2026-27511 | Tenda F3 Clickjacking in Web Management Interface — Tenda F3 | 4.3 | Medium | 2026-02-23 |
| CVE-2026-26000 | XWiki Platform affected by click-jacking through CSS injection in comments — xwiki-platform | 4.1 (AI) | Medium (AI) | 2026-02-12 |
| CVE-2026-24839 | Dokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headers — dokploy | 4.7 | Medium | 2026-01-28 |
| CVE-2026-23731 | WeGIA Clickjacking Vulnerability — WeGIA | 4.3 | Medium | 2026-01-16 |
| CVE-2025-15032 | CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank — Dia | 7.4 | High | 2026-01-16 |
| CVE-2025-52987 | Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed — Paragon Automation (Pathfinder, Planner, Insights) | 6.1 | Medium | 2026-01-15 |
| CVE-2026-22918 | SICK TDC-X401GL security vulnerability — TDC-X401GL | 4.3 | Medium | 2026-01-15 |
| CVE-2025-14809 | Address bar spoofing risk in ArcSearch on Android — ArcSearch | 7.4 | High | 2025-12-19 |
| CVE-2025-14812 | Address bar spoofing risk in Arc Search on iOS — ArcSearch | 7.5 | High | 2025-12-19 |
| CVE-2025-59849 | HCL BigFix Remote Control is vulnerable to an insecure CSP configuration — BigFix Remote Control | 4.7 | Medium | 2025-12-17 |
| CVE-2025-59479 | Inaba Denki Sangyo CHOCO TEI WATCHER mini security vulnerability — CHOCO TEI WATCHER mini (IB-MCT001) | 8.8 (AI) | High (AI) | 2025-12-16 |
| CVE-2025-36149 | IBM Concert Software clickjacking — IBM Concert Software | 6.3 | Medium | 2025-11-21 |
| CVE-2025-13132 | Dia: Increased Spoof Risk; Missing full screen toast — Dia | 7.4 | High | 2025-11-21 |
| CVE-2025-0421 | iFrame Injection in Mikrogrup's Shopside — Shopside | 4.7 | Medium | 2025-11-19 |
| CVE-2025-64387 | CLICKJACKING — TCPRS1plus | 6.1 | - | 2025-10-31 |
| CVE-2025-30191 | Open-Xchange OX App Suite security vulnerability — OX App Suite | 5.4 | Medium | 2025-10-31 |
| CVE-2025-59950 | FreshRSS: Double clickjacking can lead to privilege escalation — FreshRSS | 6.7 | Medium | 2025-09-29 |
| CVE-2024-13066 | iFrame Injection in Akinsoft's LimonDesk — LimonDesk | 4.3 | Medium | 2025-09-03 |
| CVE-2025-41000 | Cross-Frame Scripting (XFS) in BoomCMS — BoomCMS | 6.1 (AI) | Medium (AI) | 2025-09-03 |
| CVE-2025-1494 | IBM Cognos Command Center clickjacking — Cognos Command Center | 6.1 | Medium | 2025-08-26 |
| CVE-2025-9108 | Portabilis i-Diario Login Page ui layer — i-Diario | 4.3 | Medium | 2025-08-18 |
| CVE-2025-54527 | JetBrains YouTrack security vulnerability — YouTrack | 6.1 | Medium | 2025-07-28 |
| CVE-2025-54139 | HAX CMS' application pages are vulnerable to clickjacking — issues | 4.3 | Medium | 2025-07-22 |
| CVE-2025-7903 | yangzongzhuan RuoYi Image Source ui layer — RuoYi | 4.3 | Medium | 2025-07-20 |
| CVE-2025-6983 | Clickjacking vulnerability on the management web application of TP-LINK Archer C1200 — Archer C1200 | 4.3 (AI) | Medium (AI) | 2025-07-16 |
| CVE-2025-27455 | CVE-2025-27455 — Endress+Hauser MEAC300-FNADE4 | 4.3 | Medium | 2025-07-03 |

Vulnerabilities classified as CWE-1021 (Improper Restriction of Rendered UI Layers or Frames) represent 110 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.