CNNVD-202510-2336 Information
Oct 16, 2025
cve
CNNVD ID
CNNVD-202510-2336
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
Strapi是法国strapi社区的一套开源的内容管理系统(CMS)。 Strapi 5.20.0之前版本存在安全漏洞,该漏洞源于默认安装中存在CORS配置错误,可能导致跨资源共享攻击。
Description (English)
Strapi is an open-source content management system (CMS) for the French community of Strapi. There was a security loophole in the pre-Strapi 5.20.0 version, which resulted from a CORE configuration error in the default installation, which could lead to a cross-resource-sharing attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
strapi
Published
2025-10-16
Last Modified
2026-02-24
References
https://github.com/strapi/strapi/security/advisories/GHSA-9329-mxxw-qwf8
Patch
https://github.com/strapi/strapi/releases
Share on: