Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1021 (不当限制渲染UI层或帧) — Vulnerability Class 110

110 vulnerabilities classified as CWE-1021 (不当限制渲染UI层或帧). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53096 Sunshine clickjacking in the UI leads to unauthorized actions being performed — Sunshine 5.4 Medium2025-07-01
CVE-2025-36027 IBM Datacap clickjacking — Datacap 5.4 Medium2025-06-28
CVE-2025-49192 Clickjacking — SICK Field Analytics 4.3 Medium2025-06-12
CVE-2025-49191 Dashboards and iFrames can link malicious web content — SICK Field Analytics 4.8 Medium2025-06-12
CVE-2025-49139 @haxtheweb/haxcms-nodejs Iframe Phishing vulnerability — issues 5.3 Medium2025-06-09
CVE-2025-43854 DIFY vulnerable to Clickjacking Attack — dify 6.1AIMediumAI2025-04-28
CVE-2025-32385 EspoCRM allows unrestricted Embedding in Iframe dashlet — espocrm 5.3 Medium2025-04-15
CVE-2025-0362 Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLab 6.4 Medium2025-04-10
CVE-2025-25213 Inaba Denki Sangyo Wi-Fi AP UNIT 安全漏洞 — AC-WPS-11ac 6.5 Medium2025-04-09
CVE-2025-31138 tarteaucitron.js allows UI manipulation via unrestricted CSS injection — tarteaucitron.js 5.5 Medium2025-04-07
CVE-2025-24310 JTEKT ELECTRONICS HMI ViewJet C-more 安全漏洞 — HMI ViewJet C-more series 9.6AICriticalAI2025-04-04
CVE-2025-1923 Google Chrome 安全漏洞 — Chrome 4.3 -2025-03-05
CVE-2025-1917 Google Chrome 安全漏洞 — Chrome 4.3 -2025-03-05
CVE-2025-24874 Missing Defense in Depth Against Clickjacking in SAP Commerce Backoffice — SAP Commerce (Backoffice) 6.8 Medium2025-02-11
CVE-2024-49796 IBM ApplinX Clickjacking — ApplinX 5.4 Medium2025-02-05
CVE-2024-6466 NEC WebSAM DeploymentManager 安全漏洞 — WebSAM DeploymentManager 9.1 -2025-01-21
CVE-2024-56436 Huawei HarmonyOS 权限许可和访问控制问题漏洞 — HarmonyOS 5.5 Medium2025-01-08
CVE-2024-56435 Huawei HarmonyOS 信息泄露漏洞 — HarmonyOS 6.2 Medium2025-01-08
CVE-2021-29827 IBM InfoSphere Information Server clickjacking — InfoSphere Information Server 5.2 Medium2024-12-18
CVE-2024-55888 Content Security Policy appears to be missing in software and production setup — hushline 7.1 High2024-12-12
CVE-2024-54112 Huawei HarmonyOS 权限许可和访问控制问题漏洞 — HarmonyOS 5.5 Medium2024-12-12
CVE-2024-54110 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.2 Medium2024-12-12
CVE-2024-7404 Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLab 6.8 Medium2024-11-14
CVE-2024-10454 Clickjacking vulnerability in Clibo Manager — Clibo Manager 6.1 Medium2024-10-31
CVE-2024-2177 Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLab 6.8 Medium2024-07-09
CVE-2024-30109 Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10 — DRYiCE AEX 3.7 Low2024-06-28
CVE-2023-42011 IBM Sterling B2B Integrator Standard Edition tapjacking — Sterling B2B Integrator Standard Edition 4.3 Medium2024-06-27
CVE-2024-2383 Clickjacking Vulnerability in zenml-io/zenml — zenml-io/zenml 5.4AIMediumAI2024-06-06
CVE-2023-47774 WordPress Jetpack plugin < 12.7 - Auth. Iframe Injection vulnerability — Jetpack 5.4 Medium2024-04-24
CVE-2024-3911 Welotec: Clickjacking Vulnerability in WebUI — SMART EMS 6.5 Medium2024-04-23

Vulnerabilities classified as CWE-1021 (不当限制渲染UI层或帧) represent 110 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.