Storyline
Multiple critical vulnerabilities disclosed in TinaCMS including path traversal and CORS misconfiguration
TinaCMS has been found vulnerable to several security issues, including a critical cross-origin file exfiltration via CORS misconfiguration combined with path traversal, a high-severity path traversal flaw enabling arbitrary file read, write, and delete, and a medium-severity...
Evidence locked
Today's free sample is only available for the edition's flagship storyline.
Evidence preview
- TinaCMS CLI has Arbitrary File Read via Disabled Vite Filesystem Restrictiongithub_advisories