Lucene search
K

7 matches found

CNNVD
CNNVD
added 2026/05/14 12:0 a.m.16 views

Strapi 代码问题漏洞

Strapi is an open-source content management system CMS developed by the Strapi community in France. Versions of Strapi prior to 5.33.3 had code vulnerabilities. These vulnerabilities stemmed from a lack of default functionality to invalidate existing refresh token sessions when a user’s password...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.7 views

Strapi 代码问题漏洞

Strapi is an open source content management system CMS from the French strapi community. A code issue vulnerability exists in Strapi versions prior to 5.24.1, which stems from the failure to invalidate the JWT after logging out or deactivating an account and the presence of the /admin/renew-token...

6.3CVSS6.8AI score0.00641EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-2121

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00736EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2197

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.0071EPSS
Exploits1References4
NVD
NVD
added 2024/06/12 3:15 p.m.41 views

CVE-2024-31217

Strapi is an open-source content management system. Prior to version 4.22.0, a denial-of-service vulnerability is present in the media upload process causing the server to crash without restarting, affecting either development and production environments. Usually, errors in the application cause ...

6.5CVSS0.00736EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.2 views

Strapi Security Vulnerabilities

Strapi is an open source content management system CMS. A security vulnerability exists in Strapi versions prior to 4.22.0 that stems from a denial-of-service vulnerability in the media upload process that causes the server to crash...

6.5CVSS6.8AI score0.00736EPSS
Exploits1References3
OSV
OSV
added 2023/07/25 5:24 p.m.23 views

CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields

Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...

8.6CVSS7.7AI score0.00906EPSS
Exploits1References4
Rows per page
Query Builder