OsVault/npm/@strapi/plugin-users-permissions
npm

@strapi/plugin-users-permissions

5 known vulnerabilities · 0 critical · 5 high

CVE-2023-38507HIGH

Strapi Improper Rate Limiting vulnerability

Published Sep 13, 2023
CVE-2023-22621HIGH

Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin

Published Apr 19, 2023
CVE-2023-22893HIGH

Strapi does not verify the access or ID tokens issued during the OAuth flow

Published Apr 19, 2023
CVE-2024-34065HIGH

@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass

Published Jun 12, 2024
CVE-2023-39345HIGH

Unauthorized Access to Private Fields in User Registration API

Published Nov 3, 2023
Check your entire dependency tree at onceRun dependency scan →