CVE-2022-30852
MEDIUMKnown < 1.3.1 - Authorization Bypass Through User-Controlled Key
Title source: llmDescription
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
References (3)
Core 3
Core References
Product, Third Party Advisory x_refsource_misc
https://github.com/idno/known
Vendor Advisory x_refsource_misc
https://withknown.com/
Exploit, Patch, Third Party Advisory x_refsource_misc
https://blog.jitendrapatro.me/multiple-vulnerabilities-in-idno-known-php-cms-software/
Scores
CVSS v3
4.3
EPSS
0.0074
EPSS Percentile
49.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-639
Status
published
Products (2)
idno/known
0Packagist
withknown/known
< 1.3.1
Published
Jul 08, 2022
Tracked Since
Feb 18, 2026