CVE-2024-37818 | Strapi 4.24.4 GET Request /strapi.io/_next/image server-side request forgery

Inserito da Angelo Barbosa | Giu 20, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Strapi 4.24.4. This issue affects some unknown processing of the file /strapi.io/_next/image of the component GET Request Handler. The manipulation leads to server-side request forgery.

The identification of this vulnerability is CVE-2024-37818. The attack can only be done within the local network. There is no exploit available.

CVE-2024-37818 | Strapi 4.24.4 GET Request /strapi.io/_next/image server-side request forgery

Post correlati

CVE-2024-3957 | Booster for WooCommerce Plugin up to 7.1.8 on WordPress Shortcode Remote Code Execution

CVE-2022-23089 | FreeBSD proc_getargv out-of-bounds

CVE-2024-29152 | Samsung Auto T5123 information disclosure

CVE-2023-6771 | SourceCodester Simple Student Attendance System 1.0 actions.class.php save_attendance sid sql injection