CVE-2022-47714
Last Yard 22.09.8-1 does not enforce HSTS headers
9.8CVSS
9.3AI Score
0.002EPSS
CVE-2022-47715
In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic.
5.3CVSS
5.3AI Score
0.001EPSS
CVE-2022-47717
Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).
7.5CVSS
7.5AI Score