cbcvebase.
CVE-2023-38873
published 2023-09-28

CVE-2023-38873: The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a "UI redress attack", is when…

PriorityP430medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EPSS
0.63%
45.8th percentile
The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.

Affected

3 ranges
VendorProductVersion rangeFixed in
economizzereconomizzer
economizzereconomizzer
gugoaneconomizzer0 – 0.9-beta1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.