PT-2022-3534 · Schneider Electric · Conext Combox

Published 2022-06-14 · Updated 2023-02-07 · CVE-2022-32517

CVSS v2.0

7.8 High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions

Conext ComBox, all versions

Description

The issue is an improper restriction of rendered UI layers or frames in the user interface, which could allow a remote adversary to affect data integrity by tricking the user into interacting with the application in an unintended way. The cause is that the product does not implement restrictions on rendering within frames on external addresses.

Recommendations

For all versions of Conext ComBox, consider restricting the ability to render within frames on external addresses to minimize the risk of exploitation. As a temporary workaround, restrict access to external addresses until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
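
To verify whether a web interface (or a reverse proxy placed in front of it) restricts rendering within frames, the response headers can be classified as below. This is an added example, not code from the vendor or from this advisory; it assumes the standard browser mechanisms X-Frame-Options and the Content-Security-Policy frame-ancestors directive, and the function names are hypothetical.

```python
# Added example: classify the anti-framing headers of one HTTP response.
RANK = {"unrestricted": 0, "allowlisted": 1, "restricted": 2}


def _frame_ancestors(policy):
    """Return the source list of the first frame-ancestors directive, or None."""
    for directive in policy.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]  # first occurrence wins
    return None


def _classify_sources(sources):
    # An empty list or only 'none'/'self' keeps every external origin out.
    external = [s for s in sources if s not in ("'none'", "'self'")]
    if not external:
        return "restricted"
    # "*", "https://*" or a bare scheme such as "https:" admits arbitrary pages.
    if any(s.split("://")[-1] == "*" or s.endswith(":") for s in external):
        return "unrestricted"
    return "allowlisted"


def framing_policy(headers):
    """headers: iterable of (name, value) pairs from one HTTP response."""
    csp, xfo = [], []
    for name, value in headers:
        name = name.lower()
        if name == "content-security-policy":  # Report-Only is not enforced
            csp += [p for p in value.split(",") if p.strip()]
        elif name == "x-frame-options":
            xfo += [v.strip().lower() for v in value.split(",")]
    verdicts = []
    for policy in csp:
        sources = _frame_ancestors(policy)
        if sources is not None:
            verdicts.append(_classify_sources(sources))
    if verdicts:
        # Every enforced policy must allow the embedder, so the strictest wins;
        # frame-ancestors also takes precedence over X-Frame-Options.
        return max(verdicts, key=RANK.get)
    # ALLOW-FROM is obsolete and ignored by current browsers.
    if any(v in ("deny", "sameorigin") for v in xfo):
        return "restricted"
    return "unrestricted"
```

A result of "unrestricted" means any external page can embed the interface; "allowlisted" means only the listed origins can.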

Clickjacking

Weakness Enumeration

Related Identifiers

BDU:2022-04317
CVE-2022-32517

Affected Products

Conext Combox