Vulnerabilities > Connectwise > Connectwise > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-01 | CVE-2023-23127 | Missing Encryption of Sensitive Data vulnerability in Connectwise 22.8.10013.8329 In Connectwise Control 22.8.10013.8329, the login page does not implement HSTS headers therefore not enforcing HTTPS. | 5.3 |
| 2023-02-01 | CVE-2023-23128 | Unspecified vulnerability in Connectwise 22.8.10013.8329 Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). | 6.1 |