Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
TSPortal: Empty Report Fields Can Be Misrepresented
CVE-2026-29788
Summary
The TSPortal platform had a security issue that allowed fake reports to be disguised as genuine self-deletion reports. This has been fixed in version 30. WikiTide Foundation's Trust and Safety team should update to the latest version to ensure data accuracy and security.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| wikitide | tsportal | <= 30 | – |
Original title
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty...
Original description
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been patched in version 30.
nvd CVSS4.0
8.4
Vulnerability type
CWE-283
CWE-1287
Published: 6 Mar 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026