Pivotal Software : Security Vulnerabilities, CVEs, Published In 2019 (Gain Privilege)
Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.
Max CVSS
6.5
EPSS Score
0.14%
Published
2019-07-18
Updated
2020-10-16
1 vulnerabilities found