ClassDraft
CWE-451User Interface (UI) Misrepresentation of Critical Information
Category: other
Description
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Common consequences· 1
- Non-Repudiation / Access Control — Hide Activities, Bypass Protection Mechanism
Potential mitigations· 2
- [Implementation]Perform data validation (e.g. syntax, length, etc.) before interpreting the data.
- [Architecture and Design]Create a strategy for presenting information, and plan for how to display unusual characters.
Related CAPEC attack patterns· 5
References
Exploits (incoming)5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Action Spoofingcapec-173 | 100% | live |
| AttackPattern | Phishingcapec-98 | 100% | live |
| AttackPattern | Mobile Phishingcapec-164 | 100% | live |
| AttackPattern | Resource Location Spoofingcapec-154 | 100% | live |
| AttackPattern | Spear Phishingcapec-163 | 100% | live |
(incoming)9
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-11720cve-2025-11720 | 0% | live |
| Vulnerability | CVE-2025-31951cve-2025-31951 | 0% | live |
| Vulnerability | CVE-2025-8043cve-2025-8043 | 0% | live |
| Vulnerability | CVE-2026-0906cve-2026-0906 | 0% | live |
| Vulnerability | CVE-2026-0907cve-2026-0907 | 0% | live |
| Vulnerability | CVE-2026-2634cve-2026-2634 | 0% | live |
| Vulnerability | CVE-2026-32971cve-2026-32971 | 0% | live |
| KEVEntry | Microsoft Windows MSHTML Platform Spoofing Vulnerabilitykev-cve-2024-38112 | 0% | live |
| KEVEntry | Microsoft Windows MSHTML Platform Spoofing Vulnerabilitykev-cve-2024-43461 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.