Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:39 p.m.8 views

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

6.1CVSS6.7AI score0.00655EPSS
Exploits0References1
CVE
CVE
added 2020/12/03 11:15 a.m.48 views

CVE-2020-5679

EC-CUBE ABClass: CVE-2020-5679 describes an improper restriction of rendered UI layers or frames in EC-CUBE 3.0.0–3.0.18, enabling clickjacking when an admin session is active. The issue arises from rendering UI layers/frames without adequate containment, potentially causing unintended actions by...

6.1CVSS6.3AI score0.00655EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/12/03 11:15 a.m.34 views

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

6.3AI score0.00655EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/12/03 12:0 a.m.83 views

JVN#24457594: Multiple vulnerabilities in EC-CUBE

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple vulnerabilities listed below. Clickjacking attacks CWE-1021 - CVE-2020-5679 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score: 4.3 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Imprope...

7.5CVSS6.8AI score0.01367EPSS
Exploits0
Rows per page
Query Builder