Vulnerability Database

Published: Apr 12, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27263" target="_blank" rel="noopener"> CVE-2022-27263
GHSA: <a href="https://github.com/advisories/GHSA-9qgm-w87q-hx89" target="_blank" rel="noopener"> GHSA-9qgm-w87q-hx89
Severity: Critical
Exploit:

296,746

Total vulnerabilities in the database

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
strapi / strapi	4.1.5	4.1.5.x
strapi	-	4.1.5.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.