HIGH Vulnerability
Verified
Global
NVD HIGH: CVE-2026-45233 — HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-...
Source: NIST NVD
Executive Summary
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences directly to file_exists() and rename() functions in admin.php without canonicalization or directory bounda
Analysis
HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences directly to file_exists() and rename() functions in admin.php without canonicalization or directory boundary enforcement to cause unintended relocation of any file writable by the web server process to an attacker-specified draft location. CVSS Score: 8.1. Published: 2026-06-25T17:16:39.207.
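The missing control named above (canonicalization plus directory boundary enforcement before file_exists() and rename()) can be sketched as follows. This is an added example, not HTMLy's code or its patch: the function names, the directory layout and the assumption that oldfile is a path relative to a content root are all hypothetical.

```php
<?php
// Added example, not HTMLy's code; function names and layout are hypothetical.

// Return the canonical path of $userPath only if it is a regular file under $baseDir.
function resolve_inside(string $baseDir, string $userPath): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "../" and resolves symlinks; false if the target is missing.
    $real = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Compare against the base plus a trailing separator so a sibling such as
    // "/srv/content-old" cannot pass as being inside "/srv/content".
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

// Move a file to the draft directory only after the boundary check succeeds.
function move_to_draft(string $contentDir, string $draftDir, string $oldfile): bool
{
    $src = resolve_inside($contentDir, $oldfile);
    if ($src === null) {
        return false; // traversal, missing file, or not a regular file
    }
    // basename() keeps caller-supplied directories out of the destination path.
    $dst = rtrim($draftDir, '/\\') . DIRECTORY_SEPARATOR . basename($src);
    return rename($src, $dst);
}

// Constructed sandbox: one file inside the content root, one outside it.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pt_demo_' . bin2hex(random_bytes(4));
mkdir("$root/content/blog", 0700, true);
mkdir("$root/draft", 0700, true);
file_put_contents("$root/content/blog/post.md", "hello");
file_put_contents("$root/config.ini", "secret");

// First call stays inside the content root; the next two try to leave it.
var_dump(move_to_draft("$root/content", "$root/draft", 'blog/post.md'));
var_dump(move_to_draft("$root/content", "$root/draft", '../config.ini'));
var_dump(move_to_draft("$root/content", "$root/draft", 'blog/../../config.ini'));
var_dump(file_exists("$root/config.ini")); // the file outside the root is untouched
```

The check runs on the resolved path, not on the raw string, so encoded or nested traversal sequences and symlinks are judged by where they actually point.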