Do your applications use this vulnerable package?
20 Dec 2018
19 Dec 2018
Suchithra V N
How to fix?
org.apache.nifi:nifi-jetty to version 1.8.0 or higher.
Affected versions of this package are vulnerable to Clickjacking. The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.