4 matches found
@depup/strapi (=2.0.2-depup.0), @jayway/tds (=0.0.1) +25 more potentially affected by CVE-2022-27263 via strapi (>=2.0.2 <=3.6.8)
strapi NPM version =2.0.2, =0.0.0, =0.0.1, =0.0.34, =1.1.0, =1.0.0, =3.6.1-0.1, =2.0.0, =2.0.2 - strapi-editorjs =0.0.1 and more Source cves: CVE-2022-27263 Source advisory: OSV:GHSA-9QGM-W87Q-HX89...
CVE-2022-27263
creationtimestamp| type| source ---|---|--- 2022-04-12 20:23:12+00:00| seen| https://t.me/cibsecurity/40651...
CVE-2022-27263
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-27263
CVE-2022-27263 describes an arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 that allows an attacker to execute arbitrary code via a crafted file. The CVE is corroborated by multiple connected records (e.g., Red Hat, OSV, GHSA, NVD) with the same description. The und...