7 matches found
Strapi 代码问题漏洞
Strapi is an open-source content management system CMS developed by the Strapi community in France. Versions of Strapi prior to 5.33.3 had code vulnerabilities. These vulnerabilities stemmed from a lack of default functionality to invalidate existing refresh token sessions when a user’s password...
Strapi 代码问题漏洞
Strapi is an open source content management system CMS from the French strapi community. A code issue vulnerability exists in Strapi versions prior to 5.24.1, which stems from the failure to invalidate the JWT after logging out or deactivating an account and the presence of the /admin/renew-token...
EUVD-2024-2121
Malicious code in bioql PyPI...
EUVD-2024-2197
Malicious code in bioql PyPI...
CVE-2024-31217
Strapi is an open-source content management system. Prior to version 4.22.0, a denial-of-service vulnerability is present in the media upload process causing the server to crash without restarting, affecting either development and production environments. Usually, errors in the application cause ...
Strapi Security Vulnerabilities
Strapi is an open source content management system CMS. A security vulnerability exists in Strapi versions prior to 4.22.0 that stems from a denial-of-service vulnerability in the media upload process that causes the server to crash...
CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...