CVE Catalog

CVE-2026-45233

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.57%

43th percentile — higher than 43% of all known CVEs

Summary

HTMLy CMS version 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint.

Risk Assessment

Attackers can exploit this vulnerability to relocate files writable by the web server process, potentially leading to unauthorized access to sensitive data.

Recommendation

It is recommended to update HTMLy CMS to the latest version to mitigate this vulnerability and implement additional safeguards against path traversal.

Original NVD description (English source)

HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences directly to file_exists() and rename() functions in admin.php without canonicalization or directory boundary enforcement to cause unintended relocation of any file writable by the web server process to an attacker-specified draft location.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS