admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/Strapi/CVE-2019-18818
History
xiaoheihei1107 8a4091a8b8
Add CVE-2019-18818
2021-09-10 14:36:03 +08:00
..
README.md
Add CVE-2019-18818
2021-09-10 14:35:36 +08:00
Strapi_17_4_Password_Reset_CVE_2019_18818.gif
Add CVE-2019-18818
2021-09-10 14:36:03 +08:00

README.md

Strapi 3.0.0 17.4 Password Reset (CVE-2019-18818)

Strapi is an open source headless content management system (CMS), strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.

FOFA query rule: banner="X-Powered-By: Strapi <strapi.io>"

Demo

Strapi_17_4_Password_Reset_CVE_2019_18818