CVE-2022-32114

Unrestricted Upload of File with Dangerous Type in npm/@strapi/strapi

Identifiers

GHSA-4vm8-j95f-j6v5, CVE-2022-32114

Package Slug

npm/@strapi/strapi

Vulnerability

Unrestricted Upload of File with Dangerous Type

Description

An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.

Affected Versions

All versions up to 4.1.12

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-08-09

source