CVE-2026-24815

Vulnerability Description

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.

This issue affects tis: before v4.3.0.

Vulnerability Details

Published Date

January 27, 2026

Last Modified

January 27, 2026

CWE ID

CWE-434

Source

NVD

Vendor

datavane

Product

tis

External References

https://github.com/datavane/tis/pull/443

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment