tinyfilemanager
tinyfilemanager copied to clipboard
What about CVE-2021-40965 (CSRF vulnerability)?
There is a CSRF vulnerability reported in 2.4.6 since 09/2021? Also XSS and path traversal?!
https://cve.report/CVE-2021-40965 https://cve.report/CVE-2021-40966 https://cve.report/CVE-2021-40964
Also the releases on
https://github.com/prasathmani/tinyfilemanager/releases
do not include the versions from 2.4.4 to 2.4.6?!
fixed path traversal vulnerability #718, by @joaogmauricio