Description
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file.
Remediation
References
https://github.com/strapi/strapi
https://www.youtube.com/watch?v=LEeabouqRrg
Related Vulnerabilities
CVE-2019-9844 Vulnerability in npm package simple-markdown
CVE-2021-32014 Vulnerability in npm package xlsx
CVE-2018-18315 Vulnerability in maven package com.mossle:lemon
CVE-2020-8127 Vulnerability in maven package org.webjars.npm:reveal.js
CVE-2020-13942 Vulnerability in maven package org.apache.unomi:unomi-services