WRITEUP #237

Looking for vulnerabilities in Strapi (CVE-2024-34065)

Tags: Auth Bypass, Authentication bypass, Open redirect, Security code review
By: Mathieu Farrell
Program: Strapi
Published: Jun 25, 2024
Added to HackDex: Jul 30, 2024
Read Full Writeup: https://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html
RELATED WRITEUPS
$1600 Bounty on a Main Domain
Tags: Recon, Session fixation
Breaking the Barrier: Admin Panel Takeover Worth $3500
Tags: Auth Bypass, Authentication bypass
SAML Authentication Bypass Leading to Admin Panel Access
Tags: Auth Bypass, SAML
Breaking Down Barriers: Exploiting Authenticated IPC Clients
Tags: Auth Bypass, IPC client
Vulnerabilities in Open Source C2 Frameworks
Tags: RCE, OS command injection
