3 matches found
CVE-2025-54082 nova-tiptap has an Unauthenticated Arbitrary File Upload Vulnerability
marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. Prior to 5.7.0, a vulnerability was discovered in the marshmallow-packages/nova-tiptap Laravel Nova package that allows unauthenticated users to upload arbitrary files to any Laravel disk configured in the...
PT-2025-30309 · Unknown +2 · Laravel Nova +2
Name of the Vulnerable Software and Affected Versions: marshmallow-packages/nova-tiptap versions prior to 5.7.0 Description: marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. A missing authentication middleware Nova and Nova.Auth on the /nova-tiptap/api/file...
Marshmallow Packages Laravel Nova Tiptap Editor Field 代码问题漏洞
Marshmallow Packages Laravel Nova Tiptap Editor Field is a Marshmallow Packages open source editor software. A code issue vulnerability exists in Marshmallow Packages Laravel Nova Tiptap Editor Field versions prior to 5.7.0, which stems from insufficient authentication and validation of file uplo...