Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OrientDB Server Community Edition Studio组件输入验证漏洞
Vulnerability Description
Orient OrientDB Server Community Edition是英国Orient公司的OrientDB(开源的NoSQL数据库管理系统)服务器的一个社区版。Studio是其中的一个web管理界面组件。 OrientDB Server Community Edition 2.0.14及之前的版本和2.1.0版本中的Studio组件存在安全漏洞,该漏洞源于程序没有正确限制使用FRAME元素。远程攻击者可借助特制的Web站点利用该漏洞实施点击劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A