Description
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Remediation
References
https://www.kb.cert.org/vuls/id/845332
Related Vulnerabilities
CVE-2017-1000404 Vulnerability in maven package se.diabol.jenkins.pipeline:delivery-pipeline-plugin
CVE-2023-48796 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-master
CVE-2019-20174 Vulnerability in maven package org.webjars.npm:auth0-lock
CVE-2017-16006 Vulnerability in npm package remarkable
CVE-2016-10605 Vulnerability in npm package dalek-browser-ie