VYPR

CWE-357

Insufficient UI Warning of Dangerous Operations

BaseDraft

Description

The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (6)

  • CVE-2026-26151HigApr 14, 2026
    risk 0.46cvss 7.1epss 0.01

    Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-47782LowMay 20, 2026
    risk 0.21cvss 3.3epss 0.00

    Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web page is given through an intent, RoboForm may silently download files without…

  • CVE-2025-49587Jun 13, 2025
    risk 0.00cvss epss 0.00

    XWiki is an open-source wiki software platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as…

  • CVE-2025-49585Jun 13, 2025
    risk 0.00cvss epss 0.00

    XWiki is a generic wiki platform. In versions before 15.10.16, 16.0.0-rc-1 through 16.4.6, and 16.5.0-rc-1 through 16.10.1, when an attacker without script or programming right creates an XClass definition in XWiki (requires edit right), and that same document is later edited by…

  • CVE-2025-49583Jun 13, 2025
    risk 0.00cvss epss 0.00

    XWiki is a generic wiki platform. When a user without script right creates a document with an `XWiki.Notifications.Code.NotificationEmailRendererClass` object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No…

  • CVE-2025-49582Jun 13, 2025
    risk 0.00cvss epss 0.01

    XWiki is a generic wiki platform. When editing content that contains "dangerous" macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger…