A vulnerability identified as problematic has been detected in ajenti up to 2.2.13. Affected by this issue is the function start_response of the file ajenti-core/aj/http.py of the component HTTP Response Path. The manipulation leads to clickjacking.

This vulnerability is listed as CVE-2026-38979. The attack may be initiated remotely. There is no available exploit.