User Interface Security Issues
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to or introduced in the User Interface (UI).
Weaknesses
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusio...
The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.
The product displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between visually similar or iden...
The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
A UI function is obsolete and the product does not warn the user.
The product's user interface does not warn the user before undertaking an unsafe action on behalf of that user. This makes it easier for attackers to trick users into ...
The UI performs the wrong action with respect to the user's request.
A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not...
Concepts
This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.