Vulnerabilities > Strapi > Strapi

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-29181 Authorization Bypass Through User-Controlled Key vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi CWE-639
3.5
3.5
2024-06-12 CVE-2024-31217 Unspecified vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi
6.5
6.5
2024-06-12 CVE-2024-34065 Authentication Bypass by Capture-replay vulnerability in Strapi
Strapi is an open-source content management system.
network
low complexity
strapi CWE-294
8.1
8.1
2023-11-06 CVE-2023-39345 Improper Authentication vulnerability in Strapi
strapi is an open-source headless CMS.
network
low complexity
strapi CWE-287
7.5
7.5
2023-09-15 CVE-2023-38507 Allocation of Resources Without Limits or Throttling vulnerability in Strapi
Strapi is the an open-source headless content management system.
network
low complexity
strapi CWE-770
critical
 9.8
9.8
2023-09-15 CVE-2023-36472 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
5.7
5.7
2023-09-15 CVE-2023-37263 Unspecified vulnerability in Strapi
Strapi is the an open-source headless content management system.
network
low complexity
strapi
2.7
2.7
2023-07-25 CVE-2023-34235 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
7.5
7.5
2023-07-25 CVE-2023-34093 Information Exposure vulnerability in Strapi
Strapi is an open-source headless content management system.
network
low complexity
strapi CWE-200
7.1
7.1
2023-04-19 CVE-2023-22621 Injection vulnerability in Strapi
Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server.
network
low complexity
strapi CWE-74
7.2
7.2