CVE-2022-28889: Apache Druid: Clickjacking in the web console

[Abhishek Agarwal <abhishek () apache org>]

Description:

In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 
and later prevent clickjacking using the Content-Security-Policy header.

Mitigation:

Upgrade to Druid 0.23.0 or later.