strapi Strapi Vulnerabilities
Strapi Strapi vulnerabilities.
| CVE | Vendor | Product | EPSS | Score | Severity | Title |
|---|---|---|---|---|---|---|
| CVE-2025-53092 | Strapi | Strapi | | 6.5 | MEDIUM | CORS Misconfiguration Vulnerability in Strapi Content Management System |
| CVE-2025-25298 | Strapi | Strapi | | 6.3 | MEDIUM | Password Handling Vulnerability in Strapi Core Package Affects Authentication Process |
| CVE-2024-56143 | Strapi | Strapi | | 8.2 | HIGH | Improper Query Parameter Sanitization in Strapi's Document Service |
| CVE-2025-3930 | Strapi | Strapi | | 6.3 | MEDIUM | JWT Invalidation Issue in Strapi by Strapi |
| CVE-2024-52588 | Strapi | Strapi | | 7.5 | HIGH | Server Side Request Forgery Vulnerability in Strapi CMS |
| CVE-2024-29181 | Strapi | Strapi | | 3.5 | LOW | Data Exposure Vulnerability in Strapi Open-Source CMS |
| CVE-2024-31217 | Strapi | Strapi | | 6.5 | MEDIUM | Denial-of-Service Vulnerability in Strapi Media Upload Functionality |
| CVE-2024-34065 | Strapi | Strapi | | 8.1 | HIGH | Authentication Bypass in Strapi by Open Redirect and Token Exposure |
| CVE-2023-48218 | strapi-community | strapi-plugin-protecte... | | 5.3 | MEDIUM | Strapi Protected Populate Plugin leaking fields if the request fields where empty or only fields selected where not populatable |
| CVE-2023-39345 | Strapi | Strapi | | 7.6 | HIGH | Unauthorized Access to Private Fields in User Registration API in strapi |
| CVE-2023-38507 | strapi | strapi | | 9.8 | CRITICAL | Strapi Improper Rate Limiting vulnerability |
| CVE-2023-36472 | strapi | strapi | | 5.7 | MEDIUM | Strapi may leak sensitive user information, user reset password, tokens via content-manager views |
| CVE-2023-37263 | strapi | strapi | | 2.7 | LOW | Strapi's field level permissions not being respected in relationship title |
| CVE-2023-34235 | Strapi | Strapi | | 8.6 | HIGH | Leaking sensitive user information still possible by filtering on private with prefix fields |
| CVE-2023-34093 | Strapi | Strapi | | 4.8 | MEDIUM | Strapi allows actors to make all attributes on a content-type public without noticing it |
| CVE-2023-22621 | Strapi | Strapi | 86% | 7.2 | HIGH | Server-Side Template Injection Vulnerability in Strapi by Strapi |
| CVE-2023-22893 | Strapi | Strapi | 71% | 7.5 | HIGH | Authentication Bypass Vulnerability in Strapi's OAuth Flow via AWS Cognito |
| CVE-2023-22894 | Strapi | Strapi | 17% | 4.9 | MEDIUM | Sensitive Data Exposure Vulnerability in Strapi by Strapi |
| CVE-2022-31367 | Strapi | Strapi | | 8.8 | HIGH | Improper Attribute Handling in Strapi Admin API |
| CVE-2022-32114 | Strapi | Strapi | | 8.8 | HIGH | Unrestricted File Upload Vulnerability in Strapi by Strapi |
| CVE-2022-29894 | Strapi | Strapi | | 4.8 | MEDIUM | Stored Cross-Site Scripting Vulnerability in Strapi by Strapi |
| CVE-2022-30618 | Strapi | Strapi | | 7.5 | HIGH | Data Exposure in Strapi Admin Panel Affects User Accounts |
| CVE-2022-30617 | Strapi | Strapi | | 8.8 | HIGH | Data Exposure Vulnerability in Strapi Admin Panel by Strapi |
| CVE-2021-46440 | Strapi | Strapi | | 7.5 | HIGH | Insecure Password Storage in Strapi Documentation Plugin |
| CVE-2022-27263 | Strapi | Strapi | | 9.8 | CRITICAL | Arbitrary File Upload Vulnerability in Strapi Product by Strapi |