Published: 2017/01/24  Last Updated: 2017/01/24

Information from

Vulnerability ID:JVN#09460804
Title:Knowledge vulnerable to cross-site request forgery

This is a statement from the vendor itself with no modification by JPCERT/CC.

Prior to Knowledge v1.7.0, there is a CSRF vulnerability.
We recommend that you upgrade to v1.7.0 if you want to run it outside intranet.