Skip to main content

Tsportal

2 CVEs product

Monthly

CVE-2026-33541 PHP MEDIUM PATCH This Month

TSPortal versions prior to 34 contain an uncontrolled resource creation vulnerability that allows authenticated attackers to generate arbitrary user database records through validation logic abuse, resulting in potential denial of service via uncontrolled database growth. The flaw exists in Miraheze's Trust and Safety management platform (cpe:2.3:a:miraheze:tsportal) and requires low-privilege authenticated access to exploit. Vendor-released patch available in version 34; no public exploit identified at time of analysis.

Denial Of Service Tsportal
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-29788 PHP HIGH POC PATCH This Week

TSPortal versions prior to 30 contain a logic flaw where empty strings are converted to null values, enabling attackers to forge Data Protection Act reports as legitimate user deletion requests. This affects the WikiTide Foundation's Trust and Safety platform and could allow misuse of the reporting system to obscure malicious activity. Public exploit code exists, and no patch is currently available for affected deployments.

Information Disclosure Tsportal
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

TSPortal versions prior to 34 contain an uncontrolled resource creation vulnerability that allows authenticated attackers to generate arbitrary user database records through validation logic abuse, resulting in potential denial of service via uncontrolled database growth. The flaw exists in Miraheze's Trust and Safety management platform (cpe:2.3:a:miraheze:tsportal) and requires low-privilege authenticated access to exploit. Vendor-released patch available in version 34; no public exploit identified at time of analysis.

Denial Of Service Tsportal
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

TSPortal versions prior to 30 contain a logic flaw where empty strings are converted to null values, enabling attackers to forge Data Protection Act reports as legitimate user deletion requests. This affects the WikiTide Foundation's Trust and Safety platform and could allow misuse of the reporting system to obscure malicious activity. Public exploit code exists, and no patch is currently available for affected deployments.

Information Disclosure Tsportal
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy