CWE-449: The UI Performs the Wrong Action
low-riskThe UI performs the wrong action with respect to the user's request.
Abstraction: Base
Common Consequences
Other
→
Quality Degradation
Detection Methods
Manual Analysis
Perform extensive functionality testing of the UI. The UI should behave as specified.
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-38083 | 4.3 | 0.5% | — |
| CVE-2024-49041 | 4.3 | 0.3% | — |
| CVE-2023-39215 | 7.1 | 0.3% | — |
| CVE-2023-43588 | 3.5 | 0.3% | — |
| CVE-2025-26643 | 5.4 | 0.3% | — |
| CVE-2024-43577 | 4.3 | 0.2% | — |
| CVE-2025-21404 | 4.3 | 0.2% | — |
| CVE-2023-36535 | 7.1 | 0.2% | — |
| CVE-2023-43585 | 7.1 | 0.1% | — |
| CVE-2024-24698 | 4.9 | 0.1% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal