Re: [cas-user] CAS 4.1.X Cross-Frame Scripting/Clickjacking prevention?

2016-08-19 Thread Misagh Moayyed
6 at 8:49:17 AM
To: CAS Community <cas-user@apereo.org>
Subject: [cas-user] CAS 4.1.X Cross-Frame Scripting/Clickjacking prevention?

Hi, We are running CAS 4.1.9 overlay. Our security team, after app scanning, has reported that CAS has a security vulnerability: Cross-frame scrip

[cas-user] CAS 4.1.X Cross-Frame Scripting/Clickjacking prevention?

2016-08-19 Thread Yan Zhou
Hi, We are running CAS 4.1.9 overlay. Our security team, after app scanning, has reported that CAS has a security vulnerability: Cross-frame scripting which allows clickjacking. Basically, CAS allows itself to be framed in another app. If I understand it correctly, an attacker will use