UI redressing or the clickjacking attack makes use of overlapping elements, transparent frames, and some social engineering to fool users of a web application to click or perform certain actions on different pages of the web application without them realizing. The attack is very easy to conduct; the attacker creates an
iframe of one of the pages from the vulnerable web application. Just above the
iframe there are some HTML elements (a button, a hyperlink, and so on) which is often disguised as a simple game or anything catchy which the user might click on. The placement of these elements are done in such a way that as soon as the user clicks on it, the click, instead of registering at the HTML element, goes to the iframed web page ...