CVE-2022-30852
published 2022-07-08CVE-2022-30852: Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
PriorityP418medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.74%
49.8th percentile
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| idno | known | 0 – 1.3.1 | — |
| withknown | known | <= 1.3.1 | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Known v1.3.1 contains Insecure Direct Object Reference
ghsa·2022-07-09
CVE-2022-30852 [MEDIUM] CWE-639 Known v1.3.1 contains Insecure Direct Object Reference
Known v1.3.1 contains Insecure Direct Object Reference
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in Packagist, and development related to the 1.3.x branch is currently on the `dev` branch of the idno/known repository.
OSV
Known v1.3.1 contains Insecure Direct Object Reference
osv·2022-07-09
CVE-2022-30852 [MEDIUM] Known v1.3.1 contains Insecure Direct Object Reference
Known v1.3.1 contains Insecure Direct Object Reference
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in Packagist, and development related to the 1.3.x branch is currently on the `dev` branch of the idno/known repository.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-07-08
Published