Matt Wicks [SSW]
3 exploits
Active since Dec 2025
@tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions
CVSS 7.1
@tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions
CVSS 7.1
TinaCMS < 3.1.1 - Remote Code Execution via Gray-Matter Markdown Processing
CVSS 8.8