tinyfilemanager icon indicating copy to clipboard operation
tinyfilemanager copied to clipboard

Published 20 hours ago verified publisher icon prasathmani

What about CVE-2021-40965 (CSRF vulnerability)?

Open rdggithub opened this issue 2 years ago • 1 comments

There is a CSRF vulnerability reported in 2.4.6 since 09/2021? Also XSS and path traversal?!

https://cve.report/CVE-2021-40965 https://cve.report/CVE-2021-40966 https://cve.report/CVE-2021-40964

Also the releases on

https://github.com/prasathmani/tinyfilemanager/releases

do not include the versions from 2.4.4 to 2.4.6?!

rdggithub avatar Feb 06 '22 19:02 rdggithub

fixed path traversal vulnerability #718, by @joaogmauricio

prasathmani avatar Feb 12 '22 08:02 prasathmani