📦 Tgstation Server

tgstation-server versions before 6.12.3 have an authorization bypass vulnerability where role permissions were incorrectly combined using OR logic instead of AND logic. This allows enabled users to ac...

This vulnerability in tgstation-server allows low-permission users with 'Set .dme Path' privilege to potentially execute malicious .dme files, which could lead to remote code execution when combined w...

This vulnerability allows users with the 'list chat bots' permission in tgstation-server to read chat bot connection strings without proper authorization. It affects tgstation-server versions 4.7.0 th...