CVE-2020-13485
Published
CVSS v3
9.1
CRITICAL
CVSS v2
6.4
MEDIUM
Affected
1
PROJECT
Description
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
Password protect your entire Craft website front-end with a single password
GitHub