AI Score: 6.7 Medium (Confidence: High)
EPSS: 0.0004 Low (Percentile: 9.1%)
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET request.
medium.com/%40barkadevaibhav491/server-side-request-forgery-in-strapi-e02d5fe218ab
strapi.io/