PT-2025-30309 · Marshmallow Packages · Nova-Tiptap

Stef Van Esch

Published: 2025-07-21 · Updated: 2025-07-21

CVE-2025-54082

CVSS v4.0: 9.3 (Critical)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: marshmallow-packages/nova-tiptap versions prior to 5.7.0

Description: marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. A missing authentication middleware (Nova and Nova.Auth) on the /nova-tiptap/api/file upload endpoint, combined with a lack of validation on uploaded files and dynamic disk parameter selection, allows unauthenticated users to upload arbitrary files to any Laravel disk configured in the application. An attacker can craft a custom form and send a POST request to the /nova-tiptap/api/file endpoint, supplying a valid CSRF token, to upload executable or malicious files (e.g., .php, binaries) to public disks such as local, public, or s3. If a publicly accessible storage path is used, the attacker may gain the ability to execute or distribute arbitrary files.

Recommendations: Update marshmallow-packages/nova-tiptap to version 5.7.0 or later.
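The three root causes the description names (no authentication middleware on the upload route, no validation of the uploaded file, and the target disk taken from request input) each map to one line of a Laravel route definition. The following is an added illustration written for this advisory, not code from nova-tiptap or from the 5.7.0 fix: a hardened route for the endpoint named above. It assumes Nova's `nova` middleware group and `Authenticate` middleware are available, that the upload field is called `file` and the disk parameter `disk`, and that only the `public` disk should be reachable from the editor; those names and lists are assumptions, not values taken from the project.

```php
<?php
// Added example for this advisory; not nova-tiptap's own code.
// Drop into a Laravel routes file (e.g. routes/web.php) to see the shape of a
// hardened upload route. Middleware names, the 'file'/'disk' parameter names and
// the allow-lists below are assumptions for illustration.

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Illuminate\Validation\Rule;
use Laravel\Nova\Http\Middleware\Authenticate;

// 1. Authentication: the route only resolves for an authenticated Nova user.
//    'nova' is Nova's middleware group (session, CSRF, etc.); Authenticate
//    rejects unauthenticated requests. Without this line the endpoint is
//    reachable by anyone who can obtain a CSRF token, as the advisory describes.
Route::middleware(['nova', Authenticate::class])
    ->post('/nova-tiptap/api/file', function (Request $request) {

        // 2. Disk allow-list: the client may only name disks the application has
        //    deliberately chosen to expose to the editor (assumed list). A disk
        //    name that is not on the list fails validation instead of being
        //    handed to Storage::disk() unchecked.
        $allowedDisks = ['public'];

        // 3. Upload validation: 'file' requires a real uploaded file, 'mimes'
        //    checks the MIME type detected from the file's contents against the
        //    listed extensions (so a .php payload does not pass as an image),
        //    and 'max' caps the size in kilobytes.
        $validated = $request->validate([
            'file' => ['required', 'file', 'mimes:jpg,jpeg,png,gif,webp,pdf', 'max:10240'],
            'disk' => ['required', 'string', Rule::in($allowedDisks)],
        ]);

        // store() generates a random filename and derives the extension from the
        // detected MIME type, so a client-supplied name is never written to disk.
        $path = $validated['file']->store('uploads', $validated['disk']);

        return response()->json(['path' => $path]);
    });
```

For detection, the same three points are what to look for in an existing Laravel application: an upload route registered outside the Nova middleware group, a `store()`/`put()` call whose disk argument comes straight from `$request->input()`, and a missing `mimes`/`mimetypes` rule on the uploaded field.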

Weakness Enumeration

Unrestricted File Upload

Related Identifiers

CVE-2025-54082
GHSA-96C2-H667-9FXP

Affected Products

Laravel Nova
Nova-Tiptap
Tiptap