CVE-2026-29788

Exploit

EPSS 0.03%
Veröffentlicht 06.03.2026 20:31:17
Zuletzt bearbeitet 11.03.2026 14:00:44
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been patched in version 30.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wikitide ≫ Tsportal Version < 30

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.082

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
security-advisories@github.com	8.4	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:H/SC:N/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-1287 Improper Validation of Specified Type of Input

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

CWE-283 Unverified Ownership

The product does not properly verify that a critical resource is owned by the proper entity.

https://github.com/miraheze/TSPortal/security/advisories/GHSA-gfhq-7499-f3f2

Vendor Advisory

Exploit

https://issue-tracker.miraheze.org/T15053

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2026-29788

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-29788

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-29788

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-29788