Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:45 a.m.11 views

CVE-2022-32114

An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create upload" permission is supposed to be able to upload PDF fil...

8.8CVSS5.9AI score0.01895EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/07/14 12:0 a.m.5 views

@beardeddudes/strapi-types (=0.1.0), @bimbeo160/admin (=4.12.2) +49 more potentially affected by CVE-2022-32114 via @strapi/strapi (>=0.0.0-a3ff110fc401ef4fbd6cd90780bf87a83a2cb04b <=4.1.12)

@strapi/strapi NPM version =0.0.0-a3ff110fc401ef4fbd6cd90780bf87a83a2cb04b, =4.12.2, =1.0.9, =1.0.0-alpha.0, =1.1.0, =4.12.4-lakileki.1, =3.5.2, =1.0.1, =1.0.8, =1.0.81 and more Source cves: CVE-2022-32114 Source advisory: OSV:GHSA-4VM8-J95F-J6V5...

8.8CVSS7.2AI score0.01895EPSS
Exploits1
NVD
NVD
added 2022/07/13 9:15 p.m.36 views

CVE-2022-32114

An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create upload" permission is supposed to be able to upload PDF fil...

8.8CVSS0.01895EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/07/13 12:0 a.m.37 views

CVE-2022-32114

An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create upload" permission is supposed to be able to upload PDF fil...

8.4AI score0.01895EPSS
Exploits1References6
Rows per page
Query Builder