CVE-2022-27263: Malicious File Upload
First published: Tue Apr 12 2022(Updated: )
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Strapi Strapi | =4.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this Strapi vulnerability?
The vulnerability ID of this Strapi vulnerability is CVE-2022-27263.
What is the severity level of CVE-2022-27263?
CVE-2022-27263 has a severity level of critical (9.8).
How does CVE-2022-27263 affect the software?
CVE-2022-27263 affects Strapi v4.1.5, allowing attackers to execute arbitrary code via a crafted file.
Are there any fixes available for CVE-2022-27263?
At the moment, there are no official fixes available for CVE-2022-27263. It is recommended to update to a patched version or apply any available mitigation steps.
Where can I find more information about CVE-2022-27263?
You can find more information about CVE-2022-27263 on the official Strapi GitHub repository and on the provided YouTube video link.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/strapi
- canonical/strapi strapi
- version/strapi strapi/4.1.5