
@strapi/plugin-users-permissions
Protect your API with a full-authentication process based on JWT
Security Advisories for @strapi/plugin-users-permissions in npm
High
over 1 year ago
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
npm
@strapi/plugin-users-permissions
High
almost 2 years ago
Unauthorized Access to Private Fields in User Registration API
npm
@strapi/strapi, @strapi/plugin-users-permissions
High
about 2 years ago
Strapi Improper Rate Limiting vulnerability
npm
@strapi/plugin-users-permissions, @strapi/admin
Critical
over 2 years ago
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin
npm
@strapi/plugin-email, @strapi/plugin-users-permissions
Moderate
over 2 years ago
Strapi does not verify the access or ID tokens issued during the OAuth flow
npm
@strapi/plugin-users-permissions
High
over 2 years ago
Authentication Bypass in @strapi/plugin-users-permissions
npm
@strapi/plugin-users-permissions