Withknown Known
7 CVEs affecting Withknown Known. Latest disclosed: 2026-03-06. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26273 | Critical | 9.8 | 2026-02-13 | Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks… |
CVE-2022-33011 | High | 8.8 | 2022-07-08 | Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack. |
CVE-2026-28508 | High | 8.6 | 2026-03-06 | Idno is a social publishing platform. Prior to version 1.6.4, a logic error in the API authentication flow causes the CSRF protection on the URL unfurl service… |
CVE-2026-28507 | High | 7.2 | 2026-03-06 | Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path tr… |
CVE-2022-32115 | Medium | 6.1 | 2022-07-08 | An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file. |
CVE-2022-31290 | Medium | 5.4 | 2022-07-08 | A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted pay… |
CVE-2022-30852 | Medium | 4.3 | 2022-07-08 | Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). |