Vulnerabilities > Strapi > Strapi > 1.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2024-29181 | Authorization Bypass Through User-Controlled Key vulnerability in Strapi Strapi is an open-source content management system. | 3.5 |
| 2024-06-12 | CVE-2024-31217 | Unspecified vulnerability in Strapi Strapi is an open-source content management system. | 6.5 |
| 2024-06-12 | CVE-2024-34065 | Authentication Bypass by Capture-replay vulnerability in Strapi Strapi is an open-source content management system. | 8.1 |
| 2023-09-15 | CVE-2023-38507 | Unspecified vulnerability in Strapi Strapi is the an open-source headless content management system. | 9.8 |
| 2023-09-15 | CVE-2023-36472 | Unspecified vulnerability in Strapi Strapi is an open-source headless content management system. | 5.7 |
| 2023-09-15 | CVE-2023-37263 | Unspecified vulnerability in Strapi Strapi is the an open-source headless content management system. | 2.7 |
| 2023-07-25 | CVE-2023-34235 | Unspecified vulnerability in Strapi Strapi is an open-source headless content management system. | 7.5 |
| 2023-07-25 | CVE-2023-34093 | Unspecified vulnerability in Strapi Strapi is an open-source headless content management system. | 7.1 |
| 2022-09-27 | CVE-2022-31367 | SQL Injection vulnerability in Strapi Strapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses. | 8.8 |
| 2022-06-13 | CVE-2022-29894 | Cross-site Scripting vulnerability in Strapi Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. | 4.8 |