Vulnerabilities > Strapi > Low

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-29181 Authorization Bypass Through User-Controlled Key vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi CWE-639
3.5
3.5
2023-09-15 CVE-2023-37263 Unspecified vulnerability in Strapi
Strapi is the an open-source headless content management system.
network
low complexity
strapi
2.7
2.7
2022-06-13 CVE-2022-29894 Cross-site Scripting vulnerability in Strapi
Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function.
network
strapi CWE-79
3.5
3.5
2020-10-22 CVE-2020-27666 Cross-site Scripting vulnerability in Strapi
Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature.
network
strapi CWE-79
3.5
3.5