CVE-2022-29894 (strapi) | allinfosecnews.com

June 13, 2022, 5:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege.

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 2 weeks ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months, 2 weeks ago | web.nvd.nist.gov

android bypass check cve +10

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Information System Security Engineer 2

@ Wyetech | Annapolis Junction, Maryland

View on infosec-jobs.com

Staff Vulnerability/Configuration Management Security Engineer

@ ServiceNow | Hyderabad, India

View on infosec-jobs.com

Security Engineer

@ AXS | London, England, UK

View on infosec-jobs.com