Lucene search
China National Vulnerability DatabaseCNVD-2022-22317HistoryMar 16, 2022 - 12:00 a.m.
Sylius has an unspecified vulnerability (CNVD-2022-22317)
2022-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.002 Low
EPSS
Percentile
52.0%
Sylius is an open source e-commerce platform based on the Symfony framework from the Polish company Sylius. sylius has a security vulnerability that stems from the possibility that an attacker-controlled page could load the website in an iframe. This would enable a clickjacking attack where an attacker could exploit the vulnerability to provide a different interface to override the target application’s interface.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sylius Sylius | lt | 1.9.10 | |
| sylius Sylius >=1.10.0, | lt | 1.10.11 | |
| sylius Sylius >=1.11.0, | lt | 1.11.2 |
Related
prion
prion
Code injection
2022-03-14 19:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-24733
2022-03-14 19:15:12
veracode
veracode
Click Jacking
2022-03-15 06:12:58
osv
osv
CVE-2022-24733
2022-03-14 19:15:12
Improper Restriction of Rendered UI Layers or Frames in Sylius
2022-03-14 21:55:33
cve
cve
CVE-2022-24733
2022-03-14 19:15:12
github
github
Improper Restriction of Rendered UI Layers or Frames in Sylius
2022-03-14 21:55:33