Vulnerability CVE-2024-37818


Published: 2024-06-20

Description:
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET request.

References:
https://strapi.io/
https://medium.com/%40barkadevaibhav491/server-side-request-forgery-in-strapi-e02d5fe218ab

Copyright 2026, cxsecurity.com

 
