Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.1, 11.6.0, 11.5.0
Fixed In:
11.6.0
Opened: Jan 27, 2014 Severity: 3-Major Related Article:
K01102767
Page with X-Frame-Options response header is rendered in <frame>, <iframe> or <object> tag. While it should not be rendered, because the header instruct browser blocks it.
If X-Frame-Options header is ignored, then some clickjacking attacks can be possible.
Page with X-Frame-Options response header in <frame> <iframe> or <object> tag.
This issue has no workaround at this time.
None