exploitDog

CVE-2024-34065

Published: 12 Jun 2024
Source: nvd
CVSS3: 7.1 (GitHub advisory score)
CVSS3: 8.1 (NVD score)
EPSS: Low

Description

Strapi is an open-source content management system. By chaining two weaknesses in @strapi/plugin-users-permissions before version 4.24.2 (an open redirect, and a session token returned in a URL query parameter), an unauthenticated attacker can obtain a victim's third-party (OAuth provider) token and bypass the Strapi application's authentication. The attack requires user interaction (one click on an attacker-crafted link). Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive the patch.
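The chain the description refers to is easier to see in code. The block below is an added illustration, not code from Strapi or from the advisory, and the hardened variant is one generic way to close the hole, not a description of the actual 4.24.2 patch. It models a provider callback that (a) trusts a caller-supplied redirect target and (b) appends the freshly issued token to that URL as a query parameter; all names, hostnames and the allow-list are assumptions.

```javascript
// Added illustration (not Strapi's code): an OAuth-style callback that chains
// an open redirect with a token-in-query-string design, plus a hardened form.
// All hostnames, parameter names and the allow-list below are assumptions.

// Constructed: the only origin(s) the application may redirect to after login.
const ALLOWED_REDIRECT_ORIGINS = ["https://app.example.com"];

// Vulnerable handler: whatever "redirectTo" the request carried becomes the
// Location header, with the third-party token appended as ?access_token=...
// The redirect target is never checked against the app's own origin.
function vulnerableCallbackRedirect(redirectTo, token) {
  const target = new URL(redirectTo, ALLOWED_REDIRECT_ORIGINS[0]);
  target.searchParams.set("access_token", token);
  return target.toString();
}

// What the server at `host` learns when the victim's browser follows
// `location`: the token arrives in the query string (and would also leak via
// the Referer of any sub-resource the landing page loads).
function tokenReceivedByHost(location, host) {
  const u = new URL(location);
  return u.host === host ? u.searchParams.get("access_token") : null;
}

// Hardened handler: resolve the target against the app's own origin, reject
// anything whose full origin (scheme + host + port) is not on the allow-list,
// and carry a short-lived one-time code instead of the bearer token itself.
function safeCallbackRedirect(redirectTo, oneTimeCode, allowedOrigins = ALLOWED_REDIRECT_ORIGINS) {
  let target;
  try {
    target = new URL(redirectTo, allowedOrigins[0]);
  } catch {
    return null; // unparsable target: refuse rather than guess
  }
  // Comparing the full origin defeats "//evil.example/..." (protocol-relative),
  // "https://app.example.com.evil.example" (suffix tricks), "http://" downgrades
  // and "javascript:" targets (origin "null"); a host substring check would not.
  if (!allowedOrigins.includes(target.origin)) {
    return null;
  }
  target.searchParams.set("code", oneTimeCode);
  return target.toString();
}

// Constructed walk-through of the one-click chain: the link the victim clicks
// names the attacker's host as the redirect target, and the token lands there.
function demonstrateChain() {
  const issuedToken = "constructed-provider-token-123"; // constructed value
  const attackerHost = "evil.example";
  const craftedTarget = `https://${attackerHost}/collect`;
  const location = vulnerableCallbackRedirect(craftedTarget, issuedToken);
  return {
    leakedToken: tokenReceivedByHost(location, attackerHost),
    blockedByFix: safeCallbackRedirect(craftedTarget, "otc-1") === null,
  };
}
```

The one-time code in the hardened variant is exchanged server-side for the session by the front end; even if a redirect target were to slip through, the code is single-use and short-lived, so what an attacker captures is far less useful than the provider's bearer token. The origin comparison must be exact: checking that the target "contains" or "ends with" the app's hostname is the classic bypass for this class of filter.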

Vulnerable configurations

Configuration 1
cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*
Versions before 4.24.2 (exclusive)

Note that the CPE names the Strapi application as a whole, while the fixed component is the @strapi/plugin-users-permissions package at version 4.24.2; to check what a deployment actually has installed, run npm ls @strapi/plugin-users-permissions in the project directory.

EPSS

Score: 0.00796 (percentile: 74%), Low

CVSS3: 7.1 High

CVSS3: 8.1 High

Weaknesses

CWE-294 (Authentication Bypass by Capture-replay)

Related vulnerabilities

github (more than 1 year ago), CVSS3: 7.1
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
