2 matches found
CVE-2024-45391 Tina search token leak via lock file in TinaCMS
Tina is an open-source content management system CMS. Sites building with Tina CMS's command line interface CLI prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file tina-lock.json. Administrators of Tina-enabled websites with search setup...
@cloudcommerce/storefront (>=0.10.0 <=0.11.0), @gspenst/next (>=0.0.1 <=0.1.2) +6 more potentially affected by CVE-2024-45391 via @tinacms/cli (>=0.60.28 <=1.12.6)
@tinacms/cli NPM version =0.60.28, =0.10.0, =0.0.1, =0.1.0, =0.0.2, =0.0.3, =0.0.1, =0.1.3 - next-tina-github-starter =0.1.0 - ramidus =1.2.1 Source cves: CVE-2024-45391 Source advisory: OSV:GHSA-4QRM-9H4R-V2FX...