Vulnerability identifier: #VU34229
Vulnerability risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software: strapi (Web applications / CMS)
Vendor: strapi.io
Description
The vulnerability allows a remote authenticated user to manipulate data.
Strapi before 3.0.2 could allow a remote authenticated attacker to bypass security restrictions because e-mail templates are stored in a global variable without any sanitization. By sending a specially crafted request, an attacker could exploit this vulnerability to update the e-mail templates for both password reset and account confirmation e-mails.
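The CWE-20 pattern the description points at, shown as an added illustration in constructed JavaScript (this is not Strapi's code; the `templates` object, the function names and the field names are assumptions): the vulnerable variant merges a caller-supplied body straight into module-level state, while the hardened variant checks every template name and field against an allow-list and returns a new object instead of mutating shared state.

```javascript
// Constructed example, not Strapi's code. Module-level mutable state holding
// the e-mail templates (hypothetical structure).
const templates = {
  reset_password: { subject: 'Reset your password', message: 'Use <%= URL %>' },
  email_confirmation: { subject: 'Confirm your account', message: 'Go to <%= URL %>' },
};

// Vulnerable variant: the request body is merged into the global object as-is.
// Any authenticated caller can overwrite any template field with any content
// and can introduce keys that were never meant to exist.
function updateTemplatesVulnerable(body) {
  for (const [name, tpl] of Object.entries(body)) {
    templates[name] = { ...templates[name], ...tpl };
  }
  return templates;
}

// Hardened variant: explicit allow-lists for template names and fields,
// type and length checks, and no mutation of shared state.
const ALLOWED_TEMPLATES = new Set(['reset_password', 'email_confirmation']);
const ALLOWED_FIELDS = new Set(['subject', 'message']);
const MAX_LEN = 2000; // assumed limit for this example

function validateTemplateUpdate(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    throw new Error('template update must be a plain object');
  }
  for (const [name, tpl] of Object.entries(body)) {
    if (!ALLOWED_TEMPLATES.has(name)) throw new Error(`unknown template: ${name}`);
    if (tpl === null || typeof tpl !== 'object') throw new Error(`${name} must be an object`);
    for (const [field, value] of Object.entries(tpl)) {
      if (!ALLOWED_FIELDS.has(field)) throw new Error(`unknown field ${field} in ${name}`);
      if (typeof value !== 'string' || value.length > MAX_LEN) {
        throw new Error(`${name}.${field} must be a string of at most ${MAX_LEN} chars`);
      }
    }
  }
  return body;
}

// Returns a fresh template set; `current` is never modified.
function updateTemplatesHardened(current, body) {
  const clean = validateTemplateUpdate(body);
  const next = {};
  for (const name of ALLOWED_TEMPLATES) {
    next[name] = { ...current[name] };
    for (const field of ALLOWED_FIELDS) {
      if (clean[name] && field in clean[name]) next[name][field] = clean[name][field];
    }
  }
  return next;
}
```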
Mitigation
Install update from vendor's website.
Vulnerable software versions
strapi: 3.0.0 - 3.0.1
External links
http://exchange.xforce.ibmcloud.com/vulnerabilities/183045
http://github.com/strapi/strapi/pull/6599
http://github.com/strapi/strapi/releases/tag/v3.0.2
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.