
Frameable response (clickjacking) vulnerability

InfoBurst Platform Build 232 Fix Pack 3 adds the X-Frame-Options header with DENY for the following endpoints:


/infoburst

/system/xxx


This prevents the UI and system apps such as System Management or the Portal from being hosted in an iframe and exploited through the frameable response (clickjacking) vulnerability.



IBE-4611
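A way to check response headers for the behaviour described above, as an added example that is not InfoBurst code: it classifies a response's framing policy and reports any response that does not resolve to DENY. The function names and the sample header sets are constructed for illustration; the check also reads the CSP `frame-ancestors` directive, which browsers enforce in preference to X-Frame-Options when both are present.

```python
def framing_policy(headers):
    """Classify a response as 'deny', 'restricted' or 'frameable'."""
    h = {name.lower(): value for name, value in headers.items()}
    # CSP frame-ancestors, when present, takes precedence over X-Frame-Options.
    for directive in h.get("content-security-policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            sources = [t.lower() for t in tokens[1:]]
            if not sources or sources == ["'none'"]:
                return "deny"
            return "frameable" if "*" in sources else "restricted"
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "deny"
    if xfo == "SAMEORIGIN":
        return "restricted"
    # Missing header, or an obsolete/unknown value such as ALLOW-FROM,
    # which current browsers ignore.
    return "frameable"


def audit(responses):
    """Return (path, verdict) for every response that is not 'deny'."""
    return [(p, framing_policy(h)) for p, h in responses
            if framing_policy(h) != "deny"]


# Constructed sample responses, not captured from an InfoBurst server.
SAMPLE = [
    ("/infoburst", {"X-Frame-Options": "DENY"}),
    ("/system/xxx", {"x-frame-options": " deny "}),
    ("/system/xxx", {"X-Frame-Options": "ALLOW-FROM https://portal.example"}),
    ("/infoburst", {"Content-Type": "text/html"}),
]

if __name__ == "__main__":
    for path, verdict in audit(SAMPLE):
        print(f"{path}: {verdict} (expected deny)")
```
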
