all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-22621 (strapi)

Add to bookmarks
April 19, 2023, 4:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution.

access code code execution cve email exploited inject injection panel payload server ssti strapi template template injection validation

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Information Security Compliance Manager

@ Bottomline Technologies | North America
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com

XM Cyber Solution Consultant

@ ServiceNow | Boston, Massachusetts, United States
View on infosec-jobs.com

Delivery Manager Quality Assurance (software & cyber security)

@ Resillion | Hasselt, Belgium
View on infosec-jobs.com

Security Lead - Air Cargo

@ Adani Group | MUMBAI, MAHARASHTRA, India
View on infosec-jobs.com