CVE-2025-0421
4.7 MEDIUMImproper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc
Published: 2025-11-19 · Last updated: 2026-06-06
Severity and scoring
- CVSS
- 4.7 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-1021
Description
Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay. This issue affects Shopside: through 05022025.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-12323 — Spoofing issue in the DOM: Core & HTML component (5.4 MEDIUM)
- CVE-2026-12322 — Clickjacking issue in the Widget: Gtk component (5.4 MEDIUM)
- CVE-2026-10733 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.... (4.3 MEDIUM)
- CVE-2026-28577 — In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack (7.8 HIGH)
- CVE-2026-0061 — In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overla... (5.9 MEDIUM)