98 matches found
CVE-2021-41598
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
CVE-2021-41598
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
Design/Logic Flaw
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
CVE-2021-41598
GitHub Enterprise Server vulnerability CVE-2021-41598 is a UI misrepresentation flaw in the GitHub App authorization flow. It can cause more permissions to be granted than the user sees during approval, specifically if the user later updates the repositories an app is installed on after additiona...
CVE-2021-41598 UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is Github an open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from a UI...
PT-2021-6962 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can allow an attacker to conduct spoofing attacks. There is also a mention of a...
CVE-2021-22866
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
CVE-2021-22866 UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user resources
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
CVE-2021-22866
The CVE describes a UI misrepresentation in GitHub Enterprise Server’s GitHub App authorization flow. A user could grant more permissions than shown if the App had additional user-level permissions added after initial approval, by revisiting the authorization flow. Affected products/versions: Git...
CVE-2020-7371
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...
CVE-2020-7363
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
CVE-2020-7364
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
Design/Logic Flaw
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
CVE-2020-7371
CVE-2020-7371 describes a UI misrepresentation in the address bar exploited via JavaScript timing to spoof the perceived source of content in the RITS Browser 3.3.9 and earlier. Exploitation requires visiting a site that can run JavaScript; the attacker can cause UI elements to appear as if they ...
CVE-2020-7371 Raise IT Solutions RITS Browser Address Bar Spooofing
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...
CVE-2020-7363
CVE-2020-7363 affects UCWeb UC Browser versions 13.0.8 and earlier, enabling UI/address-bar spoofing through JavaScript timing tricks that can mislead users about the page origin. Exploitation requires visiting a page hosting executable JavaScript; it can trigger in-browser content or popups that...
Adobe Connect Multiple Vulnerabilities (APSB17-22)
Adobe Connect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect"; ifdescription...