CVE-2023-37516
LOWDescription
Missing "no cache" headers in HCL Leap permits user directory information to be cached.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| hcltech | hcl_leap |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2023-37516? +
How severe is CVE-2023-37516? +
What products are affected by CVE-2023-37516? +
How do I check if I'm vulnerable to CVE-2023-37516? +
Related Vulnerabilities
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting …
An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control …
Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results …
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In …
The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.
Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie …