Vulnerabilities

CVE-2022-28889

by Fred · 07/07/2022

In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header.

Date published : 2022-07-07

https://lists.apache.org/thread/t3nsq4crdr8wqgmj721d2wg6pf26s5cw

Similar

Tags: Cybersecurity Alert