PT-2026-39319 · Gibbon · Gibbon
Prjblk
·
Published
2026-05-09
·
Updated
2026-05-11
·
CVE-2026-8209
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Gibbon versions prior to v30.0.01
Description
A path traversal issue allows users with Teacher or higher privileges to cause a denial of service (DOS). This occurs when attempting to extract web application PHP files; if the .zip extraction fails, the file is deleted, leading to a loss of availability for the web application.
Recommendations
Update to version v30.0.01 or later.
Exploit
Fix
DoS
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gibbon