In a clickjacking attack the victim is tricked into unknowingly initiating
						some action in one system while interacting with the UI from seemingly
						completely different system. While being logged in to some target system,
						the victim visits the attacker's malicious site which displays a UI that the
						victim wishes to interact with. In reality, the clickjacked page has a
						transparent layer above the visible UI with action controls that the
						attacker wishes the victim to execute. The victim clicks on buttons or other
						UI elements they see on the page which actually triggers the action controls
						in the transparent overlaying layer. Depending on what that action control
						is, the attacker may have just tricked the victim into executing some
						potentially privileged (and most certainly undesired) functionality in the
						target system to which the victim is authenticated. The basic problem here
						is that there is a dichotomy between what the victim thinks he's clicking on
						versus what he or she is actually clicking on.