CVE-2024-52588 | Strapi up to 4.25.1 Webhooks URL server-side request forgery (GHSA-v8wj-f5c7-pvxf)

Inserito da Angelo Barbosa | Mag 29, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Strapi up to 4.25.1. Affected by this issue is some unknown functionality of the component Webhooks URL Handler. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-52588. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52588 | Strapi up to 4.25.1 Webhooks URL server-side request forgery (GHSA-v8wj-f5c7-pvxf)

Post correlati

CVE-2025-26856 | I-O DATA DEVICE UD-LT2 up to 1.00.008_SE os command injection

CVE-2024-7357 | D-Link DIR-600 up to 2.18 /soap.cgi soapcgi_main service os command injection (SAP10408)

CVE-2024-23348 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 SVG File cross site scripting

CVE-2024-35889 | Linux Kernel up to 6.8.4 idpf_rx_process_skb_fields denial of service (b4d28f7fa4dd/dd19e827d63a)