CWE-450 - Multiple Interpretations of UI Input
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Multiple Interpretations of UI Input
Description
The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation.
Common Consequences
Scope: Other
Impact: Varies by Context
Related Weaknesses
New Atlantis AIO platform automates credential stuffing on 140 services
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
Claude is testing ChatGPT-like Deep Research feature Compass
Microsoft fixes printing issues caused by January Windows updates
RedCurl cyberspies create ransomware to encrypt Hyper-V servers
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Microsoft: Recent Windows updates cause Remote Desktop issues
Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives