{"vulnerability": "CVE-2022-4771", "sightings": [{"uuid": "0a6c2626-eaf1-4815-b8c2-99d4ccada407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47717", "type": "seen", "source": "https://t.me/cibsecurity/57282", "content": "\u203c CVE-2022-47717 \u203c\n\nLast Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:03.000000Z"}, {"uuid": "8c6b88e4-82f6-4895-a097-72587c13c4e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47715", "type": "seen", "source": "https://t.me/cibsecurity/57288", "content": "\u203c CVE-2022-47715 \u203c\n\nIn Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:09.000000Z"}, {"uuid": "cb63d0a2-0ecf-49f8-a8be-f09fc843a2e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47714", "type": "seen", "source": "https://t.me/cibsecurity/57286", "content": "\u203c CVE-2022-47714 \u203c\n\nLast Yard 22.09.8-1 does not enforce HSTS headers\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:08.000000Z"}, {"uuid": "28278f64-a2ed-4ec6-807a-50b84def1d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47713", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfi246bbzj2g", "content": "", "creation_timestamp": "2025-01-11T15:39:33.404712Z"}, {"uuid": "d818436e-6aaf-40ee-948b-eefbb09e8734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4771", "type": "seen", "source": "https://t.me/cibsecurity/61344", "content": "\u203c CVE-2022-4771 \u203c\n\nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow a malicious URL to inject content into the Pentaho User Console through session variables.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T22:24:51.000000Z"}]}