← Retour aux CVEs
CVE-2015-2918
N/ADescription
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Details CVE
Score CVSS v3.1N/A
Publie12/31/2015
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0
Produits affectes
orientdb:orientdb
Faiblesses (CWE)
CWE-20
References
https://www.kb.cert.org/vuls/id/845332(cret@cert.org)
https://www.kb.cert.org/vuls/id/845332(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.