CVE-2026-28428
- EPSS 0.19%
- Veröffentlicht 06.03.2026 04:59:52
- Zuletzt bearbeitet 09.03.2026 13:36:08
Talishar is a fan-made Flesh and Blood project. Prior to commit a9c218e, an authentication bypass vulnerability in Talishar's game endpoint validation logic allows any unauthenticated attacker to perform authenticated game actions — including sending...
CVE-2026-28429
- EPSS 0.51%
- Veröffentlicht 06.03.2026 04:59:49
- Zuletzt bearbeitet 09.03.2026 13:36:08
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871, a Path Traversal vulnerability was identified in the gameName parameter. While the application's primary entry points implement input validation, the ParseGamestate.php componen...
CVE-2026-27632
- EPSS 0.02%
- Veröffentlicht 25.02.2026 03:16:06
- Zuletzt bearbeitet 27.02.2026 19:57:49
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery (CSRF) protections on critical state-changing endpoints, specifically within `SubmitCh...