Description

TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. While validation correctly rejected invalid usernames, a side effect within a validation rule caused user records to be created regardless of whether the request succeeded. This could be exploited to cause uncontrolled database growth, leading to a potential denial of service (DoS). Version 34 contains a fix for the issue.

INFO

Published Date :

2026-03-26T20:27:05.840Z

Last Modified :

2026-03-27T20:01:35.174Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-33541 vulnerability.

Vendors Products
Miraheze
  • Tsportal
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-33541.

URL Resource
https://github.com/miraheze/TSPortal/security/advisories/GHSA-f346-8rp3-4h9h cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact