strapi Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by strapi
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Improper Query Parameter Sanitization in Strapi's Document Service
CVE-2024-56143StrapiStrapi8.2HIGHServer Side Request Forgery Vulnerability in Strapi CMS
CVE-2024-52588StrapiStrapi7.5HIGHAuthentication Bypass in Strapi by Open Redirect and Token Exposure
CVE-2024-34065StrapiStrapi8.1HIGHUnauthorized Access to Private Fields in User Registration API in strapi
CVE-2023-39345StrapiStrapi7.6HIGHStrapi Improper Rate Limiting vulnerability
CVE-2023-38507strapistrapi9.8CRITICALLeaking sensitive user information still possible by filtering on private with prefix fields
CVE-2023-34235StrapiStrapi8.6HIGHServer-Side Template Injection Vulnerability in Strapi by Strapi
CVE-2023-22621StrapiStrapiπΎπ‘EPSS 86%7.2HIGHAuthentication Bypass Vulnerability in Strapi's OAuth Flow via AWS Cognito
CVE-2023-22893StrapiStrapiEPSS 66%7.5HIGHImproper Attribute Handling in Strapi Admin API
CVE-2022-31367StrapiStrapi8.8HIGHUnrestricted File Upload Vulnerability in Strapi by Strapi
CVE-2022-32114StrapiStrapiπΎπ‘8.8HIGHData Exposure in Strapi Admin Panel Affects User Accounts
CVE-2022-30618StrapiStrapi7.5HIGHData Exposure Vulnerability in Strapi Admin Panel by Strapi
CVE-2022-30617StrapiStrapi8.8HIGHInsecure Password Storage in Strapi Documentation Plugin
CVE-2021-46440StrapiStrapi7.5HIGHArbitrary File Upload Vulnerability in Strapi Product by Strapi
CVE-2022-27263StrapiStrapi9.8CRITICALPassword Change Vulnerability in Strapi Admin Panel
CVE-2021-28128StrapiStrapi8.1HIGHCross-Site Scripting Vulnerability in Strapi by Strapi
CVE-2020-27664StrapiStrapi9.8CRITICALAuthorization Flaw in Strapi Content-Type Builder Routes
CVE-2020-27665StrapiStrapi7.5HIGHRemote Code Execution Vulnerability in Strapi Framework
CVE-2019-19609StrapiStrapiπΎπ‘EPSS 81%7.2HIGHAuthentication Bypass in Strapi CMS by Strapi
CVE-2019-18818StrapiStrapiπΎπ‘EPSS 94%9.8CRITICAL