Hashicorp Boundary is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.
References:GSA_kwCzR0hTQS14cXYyLTN2dnEtcWc2cs4AAvkJ
Hashicorp Boundary vulnerable to clickjacking
Affected Packages | Affected Versions | Fixed Versions | |
---|---|---|---|
go:github.com/hashicorp/boundary | <= 0.11.0 | No known fixed version | |
Affected Version RangesAll affected versions0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.3.0, 0.4.0, 0.5.0, 0.5.1, 0.6.0, 0.6.1, 0.6.2, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.11.0 |