CVE-2024-40817

MEDIUM Year: 2024
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6, Safari 17.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Visiting a website that frames malicious content may lead to UI spoofing.

Related Vulnerabilities

CVE-2017-11290

MEDIUM
CVSS:6.1(Medium)

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administ...

CWE-10212017

CVE-2017-16775

MEDIUM
CVSS:6.1(Medium)

Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vect...

CWE-10212017

CVE-2018-1803

MEDIUM
CVSS:6.1(Medium)

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malic...

CWE-10212018

CVE-2018-1853

MEDIUM
CVSS:6.1(Medium)

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote ...

CWE-10212018

CVE-2018-19957

MEDIUM
CVSS:6.1(Medium)

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy an...

CWE-10212018

CVE-2019-4086

MEDIUM
CVSS:6.1(Medium)

IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker co...

CWE-10212019