Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
Max CVSS
4.3
EPSS Score
0.06%
Published
2022-07-08
Updated
2022-07-15
A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.
Max CVSS
5.4
EPSS Score
0.08%
Published
2022-07-08
Updated
2022-07-15
An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.
Max CVSS
6.1
EPSS Score
0.08%
Published
2022-07-08
Updated
2022-07-15
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.
Max CVSS
8.8
EPSS Score
0.32%
Published
2022-07-08
Updated
2022-07-21
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!