2 matches found
CVE-2022-33011
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack...
CVE-2022-33011
CVE-2022-33011 affects Known (open-source social publishing platform). Multiple connected sources corroborate an account takeover via host header injection in v1.3.1 and earlier. Red Hat, Veracode and OSV entries describe the root cause as lack of validation in the password reset flow, notably in...