BIT-GITLAB-2026-3254 Improper Restriction of Rendered UI Layers or Frames in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into another user's browser due to improper input validation in the Mermaid sandbox...

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from the lack of...

CVE-2025-0421

Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay.This issue affects Shopside: through 05022025...

EUVD-2021-1859

Malware in sbrugna...

CVE-2025-9108

Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of rendered ui layers. It is possible to launch the attack remotely...

PT-2025-33637 · Portabilis · I-Diario

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The component Login Page contains an issue with improper restriction of rendered UI layers due to manipulation of an unknown function. This issue can be...

CVE-2023-0057

Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33...

CVE-2023-1362

Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2...

CVE-2023-2265

An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

PT-2023-16929 · Unilogies · Bumsys

Name of the Vulnerable Software and Affected Versions: unilogies/bumsys versions prior to 2.0.2 Description: The issue is related to improper restriction of rendered UI layers or frames. Recommendations: For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue...