This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
OffSequence
offseq.bsky.social
did:plc:t5t6qep2vfipbi7f54demwev
⚠️ HIGH severity: Craft CMS (4.5.0-RC1 – 4.16.18, 5.0.0-RC1 – 5.8.22) vulnerable to TOCTOU race — enables DNS rebinding & SSRF. Upgrade to 4.16.19/5.8.23+ and audit GraphQL permissions. https://radar.offseq.com/threat/cve-2026-27127-cwe-367-time-of-check-time-of-use-t-5842a733 #OffSeq #CraftCMS #...
2026-02-24T07:30:34.296Z