Vulnerabilities > Strapi

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-29181 Authorization Bypass Through User-Controlled Key vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi CWE-639
3.5
2024-06-12 CVE-2024-31217 Unspecified vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi
6.5
2024-06-12 CVE-2024-34065 Authentication Bypass by Capture-replay vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi CWE-294
8.1
2023-11-20 CVE-2023-48218 Incorrect Authorization vulnerability in Strapi Protected Populate
The Strapi Protected Populate Plugin protects `get` endpoints from revealing too much information.
network
low complexity
strapi CWE-863
5.3
2023-11-06 CVE-2023-39345 Improper Authentication vulnerability in Strapi
strapi is an open-source headless CMS.
network
low complexity
strapi CWE-287
7.5
2023-09-15 CVE-2023-38507 Allocation of Resources Without Limits or Throttling vulnerability in Strapi
Strapi is the an open-source headless content management system.
network
low complexity
strapi CWE-770
critical
9.8
2023-09-15 CVE-2023-36472 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
5.7
2023-09-15 CVE-2023-37263 Unspecified vulnerability in Strapi
Strapi is the an open-source headless content management system.
network
low complexity
strapi
2.7
2023-07-25 CVE-2023-34235 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
7.5
2023-07-25 CVE-2023-34093 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
7.1