X-Frame-Options Header Is Not Included In The HTTP Response To Protect Against 'ClickJacking' Attack (Doc ID 2304049.1)

Last updated on SEPTEMBER 07, 2017

Applies to:

Oracle Communications Convergence - Version 3.0.1 and later
Information in this document applies to any platform.

Symptoms

X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks. This report has come as part of an external security vulnerability assessment.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms