
4 matches found

Vulnrichment
added 2023/09/15 7:15 p.m., 9 views

CVE-2023-38507 Strapi Improper Rate Limiting vulnerability

Strapi is an open-source headless content management system. Prior to version 4.12.1, there is a rate limit on the login function of Strapi's admin screen, but it is possible to circumvent it. This increases the likelihood of unauthorized login through a brute-force attack on the login. Version 4.12...

CVSS: 7.3 | AI score: 6.7 | EPSS: 0.00761
Exploits: 1 | References: 3

OSV
added 2023/09/15 7:15 p.m., 23 views

CVE-2023-38507 Strapi Improper Rate Limiting vulnerability

Strapi is an open-source headless content management system. Prior to version 4.12.1, there is a rate limit on the login function of Strapi's admin screen, but it is possible to circumvent it. This increases the likelihood of unauthorized login through a brute-force attack on the login. Version 4.12...

CVSS: 7.3 | AI score: 9.2 | EPSS: 0.00761
Exploits: 1 | References: 5

vulnersOsv
added 2023/09/13 4:32 p.m., 5 views

@beardeddudes/strapi-types (=0.1.0), @mattie-bundle/mattie-strapi-bundle-example (>=1.0.0-alpha.0 <=1.0.0-alpha.3) +20 more potentially affected by CVE-2023-38507 via @strapi/admin (>=0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a <=4.12.0)

@strapi/admin NPM version =0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a, =1.0.0-alpha.0, =0.0.0-experimental.0a47d9bbb261b49ab02af2597ede27b7bdb196f4, =0.0.0-00c0da0e5db43d5de823f6193c9a3fa0dd11a364, =0.0.0-02d487e4eec68a5961817a4f580ffead9a9362f0,...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.00761
Exploits: 1

Circl
added 2023/09/13 3:15 p.m., 6 views

CVE-2023-38507

creationtimestamp | type | source
---|---|---
2023-09-13 15:15:03+00:00 | published-proof-of-concept | https://github.com/strapi/strapi/security/advisories/GHSA-24q2-59hm-rh9r
2023-09-16 00:26:01+00:00 | seen | https://t.me/cibsecurity/70623
2024-01-16 14:55:36+00:00 | seen | https://t.me/arpsyndicate/28...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00761
Exploits: 1 | References: 3