Lucene search

K
vulnrichmentMitreVULNRICHMENT:CVE-2023-38873
HistorySep 28, 2023 - 12:00 a.m.

CVE-2023-38873

2023-09-2800:00:00
mitre
github.com
1
clickjacking
vulnerable
vulnerability
ui redress attack
gugoan economizzer

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

34.9%

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a “UI redress attack”, is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is “hijacking” clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

34.9%

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-38873