Description
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Remediation
References
https://www.kb.cert.org/vuls/id/845332
Related Vulnerabilities
CVE-2018-1000194 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2018-1047 Vulnerability in maven package org.wildfly:wildfly-undertow
CVE-2020-2220 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2019-10799 Vulnerability in npm package compile-sass
CVE-2020-9548 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind