The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.kb.cert.org/vuls/id/845332 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2015-12-31T02:00:00
Updated: 2024-08-06T05:32:20.565Z
Reserved: 2015-04-03T00:00:00
Link: CVE-2015-2918
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-12-31T05:59:10.440
Modified: 2015-12-31T20:41:43.143
Link: CVE-2015-2918
Redhat
No data.