Lucene search
Veracode Vulnerability DatabaseVERACODE:27729HistoryNov 02, 2020 - 6:07 a.m.
Insecure Authorization
2020-11-0206:07:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
30.9%
strapi-plugin-content-type-builder suffers from insecure authorization. The admin::hasPermissions restriction for the content-type-builder (CTB) routes are not configured, allowing unauthorized access to the affected resources.
| CPE | Name | Operator | Version |
|---|---|---|---|
| strapi-plugin-content-type-builder | le | 3.2.4 | |
| strapi-plugin-content-type-builder | le | 3.2.4 |
Related
osv
osv
Improper Authorization in Strapi
2020-10-29 18:29:31
CVE-2020-27665
2020-10-22 19:15:13
prion
prion
Design/Logic Flaw
2020-10-22 19:15:00
cvelist
cvelist
CVE-2020-27665
2020-10-22 18:19:31
cve
cve
CVE-2020-27665
2020-10-22 19:15:13
nvd
nvd
CVE-2020-27665
2020-10-22 19:15:13
github
github
Improper Authorization in Strapi
2020-10-29 18:29:31