CLICKJACKING VULNERABILITY ON SERVICE DESK MANAGER
Article ID: 133980
Updated On:
Products
CA Service Management - Asset Portfolio Management
CA Service Management - Service Desk Manager
Issue/Introduction
A vulnerability scan was run on the Service Desk application and a clickjacking vulnerability came up.
Environment
Release: 17.0, 17.1
Component: SERVICE DESK MANAGER
Resolution
Add the '@NX_X_FRAME_OPTIONS=Yes' variable to NX.env and .tpl files
Recycle the services for the changes to take effect.
Additional Information
What is 'clickjacking'?
https://www.imperva.com/learn/application-security/clickjacking/
https://en.wikipedia.org/wiki/Clickjacking
Feedback
Yes
No
Powered by
