Publify (formerly known as Typo) prior to version 9.2.7 is vulnerable to business logic errors.
github.com/publify/publify
github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5
github.com/publify/publify/pull/1044
github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2022-0524.yml
huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d
nvd.nist.gov/vuln/detail/CVE-2022-0524