CVE-2015-2918
Description
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.597
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-2918,CVE-2015-2912 are fixed in Orientechnologies - orientdb-studio 2.0.15 | Windows |
| Vulnerabilities CVE-2015-2918,CVE-2015-2912 are fixed in Orientechnologies - orientdb-studio 2.1.1 | Windows |
| Vulnerabilities CVE-2015-2918,CVE-2015-2912 are fixed in Orientechnologies - orientdb-studio for Linux 2.0.15 | Linux |
| Vulnerabilities CVE-2015-2918,CVE-2015-2912 are fixed in Orientechnologies - orientdb-studio for Linux 2.1.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234