Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges. Exploitation could result in loss of availability of the web application.
{
"cwe_ids": [
"CWE-23"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/8xxx/CVE-2026-8209.json",
"cna_assigner": "PRJBLK"
}{
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "30.0.01"
},
{
"fixed": "v30.0.01"
}
],
"source": [
"AFFECTED_FIELD",
"DESCRIPTION",
"REFERENCES"
]
}