Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin
- Severity:
- High
Description
Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server.
Recommendation
Update the @strapi/plugin-users-permissions package to the latest compatible version. Followings are version details:
- Affected version(s): < 4.5.6
- Patched version(s): 4.5.6
References
- GHSA-2h87-4q2w-v4hf
- strapi.io
- www.ghostccamm.com
- CVE-2023-22621
- CWE-74
- CAPEC-310
- OWASP 2021-A3
- OWASP 2021-A6
Related Issues
- @strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass - CVE-2024-34065
- Strapi Improper Rate Limiting vulnerability (GHSA-24q2-59hm-rh9r) - CVE-2023-38507
- When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id - CVE-2023-35167
- Strapi does not verify the access or ID tokens issued during the OAuth flow - CVE-2023-22893
- Tags:
- npm
- @strapi/plugin-users-permissions
Anything's wrong? Let us know Last updated on November 07, 2023