CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-46440 – Strapi 3.6.8 Password Disclosure / Insecure Handling
https://notcve.org/view.php?id=CVE-2021-46440
Storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a victim's HTTP request, get the victim's cookie, perform a base64 decode on the victim's cookie, and obtain a cleartext password, leading to getting API documentation for further API attacks. El almacenamiento de contraseñas en un formato recuperable en el componente del plugin DOCUMENTATION de Strapi versiones anteriores a 3.6.9 y versiones 4.x anteriores a 4.1.5 permite a un atacante acceder a la petición HTTP de una víctima, obtener la cookie de la víctima, llevar a cabo una decodificación base64 en la cookie de la víctima y obtener una contraseña en texto sin cifrar, conllevando a una obtención de la documentación de la API para posteriores ataques a la misma Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie. • http://packetstormsecurity.com/files/166915/Strapi-3.6.8-Password-Disclosure-Insecure-Handling.html https://github.com/strapi/strapi/pull/12246 https://hub.docker.com/r/strapi/strapi https://strapi.io • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0764 – Arbitrary Command Injection in strapi/strapi
https://notcve.org/view.php?id=CVE-2022-0764
Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0. Una Inyección Arbitraria de Comandos en el repositorio de GitHub strapi/strapi versiones anteriores a 4.1.0. • https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c https://github.com/strapi/strapi/issues/12879 https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •