CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt