CVE-2024-52276
Dec. 5, 2024, 11:15 a.m.
Tags
Product(s) Impacted
UNKNOWN
Description
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. 1. Displayed version does not show the layer flattened version, which is provided when the "Print" option is used. 2. Displayed version does not show the layer flattened version, which is provided when the combined download option is used. 3. Displayed version does not show the layer flattened version, which is also the provided version when downloading the result in the uncombined option. Once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DocuSign: through 2024-12-04.
Weaknesses
CWE-451
User Interface (UI) Misrepresentation of Critical Information
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
CWE ID: 451Date
Published: Dec. 4, 2024, 11:30 a.m.
Last Modified: Dec. 5, 2024, 11:15 a.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe