CVE-2020-5679

Summary

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted.

Affected Software

VendorProductVersion RangeStatus
EC-CUBE CO.,LTD.EC-CUBEversions from 3.0.0 to 3.0.18affected

Weaknesses

  • Improper Restriction of Rendered UI Layers or Frames

ADP Enrichment

CVE Program Container

Additional References

References