MEDIUM🇵🇱 Wersja polska

CVE-2022-47715

CVSS 5.3v3.1pub. 2023-02-01upd. 2025-03-27

In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Lastyard Last Yard

    APP
    Lastyard
    22.09.8-1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-47714CRITICAL9.8ten sam produkt

Last Yard 22.09.8-1 does not enforce HSTS headers

CVE-2022-47717HIGH7.5ten sam produkt

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).