CVE-2021-43202

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2021.1.3

Description The issue concerns the absence of the X-Frame-Options header in certain cases. This header is crucial for preventing clickjacking attacks by specifying whether a page can be iframed or not. Without this header, an attacker could potentially frame a page, leading to various security issues.

Recommendations For versions prior to 2021.1.3, update to version 2021.1.3 or later to resolve the issue. As a temporary workaround, consider configuring the server to include the X-Frame-Options header in responses to minimize the risk of exploitation.