Vendor
Known
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33011 | Hig | 0.57 | 8.8 | 0.01 | Jul 8, 2022 | Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack. | ||
| CVE-2022-31290 | Med | 0.35 | 5.4 | 0.01 | Jul 8, 2022 | A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. | ||
| CVE-2022-32115 | Med | 0.33 | 6.1 | 0.01 | Jul 8, 2022 | An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file. | ||
| CVE-2022-30852 | Med | 0.28 | 4.3 | 0.01 | Jul 8, 2022 | Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). |
- risk 0.57cvss 8.8epss 0.01
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.
- risk 0.35cvss 5.4epss 0.01
A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.
- risk 0.33cvss 6.1epss 0.01
An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.
- risk 0.28cvss 4.3epss 0.01
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).