VYPR
Moderate severityNVD Advisory· Published Dec 3, 2020· Updated Aug 4, 2024

CVE-2020-5679

CVE-2020-5679

Description

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ec-cube/ec-cubePackagist
>= 3.0.0, <= 3.0.18

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.

CVE-2020-5679 · moderate · VYPR