tiddlywiki is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the upload function allowing an attacker to inject maliciously crafted script via a crafted SVG file.
CPE | Name | Operator | Version |
---|---|---|---|
tiddlywiki | le | 5.2.2 | |
tiddlywiki | le | 5.2.2 |