CVE-2023-42011

MEDIUM Year: 2023
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.

Related Vulnerabilities

CVE-2019-4285

MEDIUM
CVSS:5.4(Medium)

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attack...

CWE-10212019

CVE-2020-15793

MEDIUM
CVSS:5.4(Medium)

A vulnerability has been identified in Desigo Insight (All versions). The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could all...

CWE-10212020

CVE-2020-2105

MEDIUM
CVSS:5.4(Medium)

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

CWE-10212020

CVE-2020-4165

MEDIUM
CVSS:5.4(Medium)

IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit th...

CWE-10212020

CVE-2020-4195

MEDIUM
CVSS:5.4(Medium)

IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could...

CWE-10212020

CVE-2020-4406

MEDIUM
CVSS:5.4(Medium)

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1...

CWE-10212020