Idno is a social publishing platform. Prior to version 1.6.4, a logic error in the API authentication flow causes the CSRF protection on the URL unfurl service endpoint to be trivially bypassed by any unauthenticated remote attacker. Combined with the absence of a login requirement on the endpoint itself, this allows an attacker to force the server to make arbitrary outbound HTTP requests to any host, including internal network addresses and cloud instance metadata services, and retrieve the response content. This issue has been patched in version 1.6.4.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XWithknown Known
APPWithknown< 1.6.4
Related vulnerabilities
Wyciek tokena resetowania hasła w Known – przejęcie konta bez dostępu do skrzynki e-mail
Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability v...
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header inj...
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execut...