Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

@strapi/plugin-users-permissions

npm

Protect your API with a full-authentication process based on JWT

View on github.com · View on npmjs.org

Security Advisories for @strapi/plugin-users-permissions in npm

High
over 1 year ago

@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass GSA_kwCzR0hTQS13cnZoLXJjbXItOXFmY84AA8_E

npm @strapi/plugin-users-permissions
High
almost 2 years ago

Unauthorized Access to Private Fields in User Registration API GSA_kwCzR0hTQS1nYzdwLWo1eG0teHhoMs4AA26o

npm @strapi/strapi, @strapi/plugin-users-permissions
High
about 2 years ago

Strapi Improper Rate Limiting vulnerability GSA_kwCzR0hTQS0yNHEyLTU5aG0tcmg5cs4AA12t

npm @strapi/plugin-users-permissions, @strapi/admin
Critical
over 2 years ago

Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin GSA_kwCzR0hTQS0yaDg3LTRxMnctdjRoZs4AAy4o

npm @strapi/plugin-email, @strapi/plugin-users-permissions
Moderate
over 2 years ago

Strapi does not verify the access or ID tokens issued during the OAuth flow GSA_kwCzR0hTQS01ODN4LTIzaDktZjV3N84AAy3y

npm @strapi/plugin-users-permissions
High
over 2 years ago

Authentication Bypass in @strapi/plugin-users-permissions GSA_kwCzR0hTQS14djNxLWpybW0tNGZ4ds4AAy3O

npm @strapi/plugin-users-permissions

Filter by Severity

High 4 Moderate 1 Critical 1