Lucene search

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Strapi

🗓️ 29 Aug 2021 23:15:30Type

Weak password recovery in Strapi <= 3.0.0-bet

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 25
Node.js	Privilege Escalation	8 Nov 201918:29	–	nodejs
OSV	GHSA-6XC2-MJ39-Q599 Strapi allows unauthenticated attacker to reset admin password without valid reset token	2 Dec 201918:20	–	osv
OSV	CVE-2019-18818	7 Nov 201922:15	–	osv
Cvelist	CVE-2019-18818	7 Nov 201921:02	–	cvelist
Prion	Default credentials	7 Nov 201922:15	–	prion
NVD	CVE-2019-18818	7 Nov 201922:15	–	nvd
Metasploit	Strapi CMS Unauthenticated Password Reset	15 Nov 202420:12	–	metasploit
0day.today	Strapi 3.0.0-beta - Set Password (Unauthenticated) Exploit	30 Aug 202100:00	–	zdt
0day.today	Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) Exploit	8 Feb 202200:00	–	zdt
0day.today	Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (Unauthenticated) Exploit	30 Aug 202100:00	–	zdt

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Aug 2021 23:30Current

1.3Low risk

Vulners AI Score1.3

CVSS27.5

CVSS39.8

EPSS0.94006