The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.
Credits
Pawan V. Sable and Pranita Binnar from Veermata Jijabai Technological Institute (VJTI) reported this vulnerability to Rockwell Automation.
