Web ViewPoint Plus H01AAW – L01AAX is a H/J-series & L-series TCF release which provides the fix for security vulnerability:
Web application potentially vulnerable to clickjacking.
Description of vulnerability: The remote web server does not set an X-Frame-Options response header or a Content-Security-Policy ‘frame-ancestors’ response header in all content responses.
This could potentially expose the site to a clickjacking or UI redress attack, in which an attacker can trick a user into clicking an area of the vulnerable page that is different than what the user
perceives the page to be. This can result in a user performing fraudulent or malicious transactions.