Description
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Remediation
References
https://www.kb.cert.org/vuls/id/845332
Related Vulnerabilities
CVE-2022-36076 Vulnerability in npm package nodebb
CVE-2021-33420 Vulnerability in npm package replicator
CVE-2021-22060 Vulnerability in maven package org.springframework:spring-core
CVE-2021-21307 Vulnerability in maven package org.lucee:lucee
CVE-2018-8026 Vulnerability in maven package org.apache.solr:solr-core