Medium severityNVD Advisory· Published Oct 31, 2025· Updated Apr 15, 2026

CVE-2025-64387

Description

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login credentials in a form that, a priori, appears legitimate.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cds.thalesgroup.com/es/s21secnvd
circutor.com/productos/iot-industrial-y-automatizacion/conversores-y-pasarelas/product/D80010./nvd
www.hackrtu.com/blog/cg-0day-en-003/nvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000