Vulnerabilities > Verbb > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-05-25 CVE-2020-13485 Incorrect Comparison vulnerability in Verbb Knock
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
network
low complexity
verbb CWE-697
critical
 9.1
9.1