Clickjacking Vulnerability in OrientDB Server Community Edition

Clickjacking Vulnerability in OrientDB Server Community Edition

CVE-2015-2918 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Learn more about our Web App Pen Testing.