CVEbaza.plSłownik CWECWE-450
Common Weakness Enumeration

CWE-450

Multiple Interpretations of UI Input

Kategoria: BaseCVE: 3
Opis

Interfejs użytkownika posiada wiele możliwych interpretacji danych wprowadzonych przez użytkownika, ale nie powiadamia użytkownika, gdy wybiera mniej bezpieczną interpretację. Może to prowadzić do nieoczekiwanego zachowania aplikacji i potencjalnych luk bezpieczeństwa.

Description (EN)

The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation.

Podatności CVE z CWE-450 (3)
8.4
CVSS
HIGH
CVE-2024-25858

In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.

pub. 2024-03-05
4.3
CVSS
MEDIUM
CVE-2022-20863

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character rendering. An attacker could exploit this vulnerability by sending messages within the application interface. A successful exploit could allow the attacker to modify the display of links or other content within the interface, potentially allowing the attacker to conduct phishing or spoofing attacks.

pub. 2022-09-08
4.3
CVSS
MEDIUM
CVE-2021-1242

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file within the application interface. A successful exploit could allow the attacker to modify how the shared file name displays within the interface, which could allow the attacker to conduct phishing or spoofing attacks.

pub. 2021-01-13
Informacje
ID: CWE-450
Typ: Base
Podatności: 3
MITRE CWE ↗
← Słownik CWE