0.001 Low
EPSS
Percentile
44.4%
strapi is vulnerable to authorization bypass. The vulnerability exists as the email templates are improperly stored in a global variable, allowing the password reset and account confirmation email templates to be updated.
exchange.xforce.ibmcloud.com/vulnerabilities/183045
github.com/strapi/strapi/commit/9f277f67b5d317d1ffa1266a3c59db62f803fa53
github.com/strapi/strapi/pull/6599
github.com/strapi/strapi/releases/tag/v3.0.2