User Interface (UI) Misrepresentation of Critical Information

CVE-2020-7364

Medium

4.3/10

Summary

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-451 - User Interface (UI) Misrepresentation of Critical Information

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

References

Advisory Timeline

Published Oct 20, 2020

User Interface (UI) Misrepresentation of Critical Information

CVE-2020-7364

Summary

CWE-451 - User Interface (UI) Misrepresentation of Critical Information

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS