Details
Description
A security report that made with WEBINSPECT indicates that Artifactory vulnerable by cross frame scripting.
The report indicates that Artifactory pages can be framed into an iframe tag, such as:
<iframe src="http://localhost:8081/artifactory/webapp/login.html"
height="100%" width="100%" border="0"></iframe>
Artifactory should have the ability to disable the ability to frame it's pages inside an iframe tag, probably via a system properties file.