Lnacshon

**Name of the Vulnerable Software and Affected Versions** Red Hat Advanced Cluster Security (RHACS) (affected versions not specified) **Description** The issue is related to missing security-related HTTP headers in Red Hat Advanced Cluster Security (RHACS), which could allow an attacker to perform a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page that deceptively points to valid RHACS endpoints, potentially hijacking the user's account permissions to perform other actions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat OpenShift API Management (affected versions not specified) **Description** A flaw in the product allows an authenticated user to inject scripts into some text boxes due to lack of user input validation, leading to a cross-site scripting (XSS) attack. The primary threat from this issue is to data confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.