Tinacms Cli

5 CVEs product


CVE-2026-29066 npm MEDIUM POC PATCH This Month

Medium severity vulnerability in TinaCMS. The TinaCMS CLI dev server configures Vite with `server.fs.strict: false`, which disables Vite's built-in filesystem access restriction. This allows any unauthenticated attacker who can reach the dev server to read arbitrary files on the host system.

Tags: Information Disclosure, Tinacms Cli
Sources: NVD, GitHub, VulDB
CVSS 3.1: 6.2 | EPSS: 0.0%
CVE-2026-28793 npm HIGH POC PATCH This Week

High severity vulnerability in TinaCMS. The TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory.

Tags: Path Traversal, Tinacms Cli
Sources: NVD, GitHub, VulDB
CVSS 3.1: 8.4 | EPSS: 0.0%
CVE-2026-28792 npm CRITICAL POC PATCH Act Now

TinaCMS CLI dev server combines a permissive CORS policy (Access-Control-Allow-Origin: *) with path traversal to enable drive-by attacks. A remote attacker can enumerate, write, and delete files on a developer's machine simply by having them visit a malicious webpage. PoC available.

Tags: Path Traversal, Tinacms Cli
Sources: NVD, GitHub, VulDB
CVSS 3.1: 9.6 | EPSS: 0.3%
CVE-2026-28791 npm HIGH PATCH This Week

High severity vulnerability in TinaCMS.

Tags: Path Traversal, Tinacms Cli
Sources: NVD, GitHub, VulDB
CVSS 3.1: 7.4 | EPSS: 0.1%
CVE-2025-68278 npm HIGH POC PATCH This Week

Remote code execution in TinaCMS affects versions prior to 3.1.1, @tinacms/cli before 2.0.4, and @tinacms/graphql before 2.0.3. Authenticated attackers with content control over markdown files can execute arbitrary code through insecure gray-matter package usage. The vulnerability requires low-privilege authentication (PR:L) and user interaction (UI:P), enabling full compromise of confidentiality, integrity, and availability in the vulnerable context. Publicly available exploit code exists, significantly increasing deployment risk for unpatched installations managing user-contributed markdown content.

Tags: RCE, Code Injection, Tinacms, Tinacms Cli, Tinacms Graphql
Sources: NVD, GitHub
CVSS 4.0: 7.3 | EPSS: 0.1%