Описание
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
Пакеты
Наименование
verbb/knock-knock
composer
Затронутые версииВерсия исправления
< 1.2.8
1.2.8
Связанные уязвимости
CVSS3: 9.1
nvd
больше 5 лет назад
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.