Description
The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.