Advisories for Composer/Verbb/Knock-Knock package

The knock-knock plugin for Craft CMS suffers from an open redirect flaw.

The knock-knock plugin for Craft CMS may allow a user who injects a specially crafted X-Forwarded-For HTTP header to bypass IP restrictions.