@strapi/plugin-users-permissions 0.0.0-next.062cd562d0b09991b8a21fc4a32ef3eee76d7c4a

Direct Vulnerabilities

Known vulnerabilities in the @strapi/plugin-users-permissions package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Open Redirect @strapi/plugin-users-permissions is a headless CMS Affected versions of this package are vulnerable to Open Redirect when user-controllable data is incorporated into the target of a redirection in an unsafe way. In this specific context, this vulnerability allows the SSO token to be stolen, allowing an attacker to authenticate himself within the application. Notes: If parameter $_GET["callback"] is defined in the GET request, the assignment does not evaluate all conditions, but stops at the beginning. The value is then stored in the cookie koa.sess: `koa.sess=eyJncmFudCI6eyJwcm92aWRlciI6Im1pY3Jvc29mdCIsImR5bmFtaWMiOnsiY2FsbGJhY2siOiJodHRwczovL2FkbWluLmludGUubmV0YXRtby5jb20vdXNlcnMvYXV0aC9yZWRpcmVjdCJ9fSwiX2V4cGlyZSI6MTcwMTI3NTY1MjEyMywiX21heEFnZSI6ODY0MDAwMDB9` Which once base64 decoded become `{"grant":{"provider":"microsoft","dynamic":{"callback":"https://<TARGET>/users/auth/redirect"}},"_expire":1701275652123,"_maxAge":86400000}`. The signature of the cookie is stored in cookie `koa.sess.sig`: `koa.sess.sig=wTRmcVRrn88hWMdg84VvSD87-_0` How to fix Open Redirect? Upgrade `@strapi/plugin-users-permissions` to version 4.24.2 or higher.	<4.24.2
H Denial of Service (DoS) @strapi/plugin-users-permissions is a headless CMS Affected versions of this package are vulnerable to Denial of Service (DoS) such that an attacker can circumvent the rate limit on the login function of Strapi's admin screen. How to fix Denial of Service (DoS)? Upgrade `@strapi/plugin-users-permissions` to version 4.12.1 or higher.	<4.12.1

Vulnerability

Vulnerable Version

Open Redirect

@strapi/plugin-users-permissions is a headless CMS

Affected versions of this package are vulnerable to Open Redirect when user-controllable data is incorporated into the target of a redirection in an unsafe way. In this specific context, this vulnerability allows the SSO token to be stolen, allowing an attacker to authenticate himself within the application.

Notes:

If parameter $_GET["callback"] is defined in the GET request, the assignment does not evaluate all conditions, but stops at the beginning.

The value is then stored in the cookie koa.sess:

koa.sess=eyJncmFudCI6eyJwcm92aWRlciI6Im1pY3Jvc29mdCIsImR5bmFtaWMiOnsiY2FsbGJhY2siOiJodHRwczovL2FkbWluLmludGUubmV0YXRtby5jb20vdXNlcnMvYXV0aC9yZWRpcmVjdCJ9fSwiX2V4cGlyZSI6MTcwMTI3NTY1MjEyMywiX21heEFnZSI6ODY0MDAwMDB9

Which once base64 decoded become {"grant":{"provider":"microsoft","dynamic":{"callback":"https://<TARGET>/users/auth/redirect"}},"_expire":1701275652123,"_maxAge":86400000}.

The signature of the cookie is stored in cookie koa.sess.sig: koa.sess.sig=wTRmcVRrn88hWMdg84VvSD87-_0

How to fix Open Redirect?

Upgrade @strapi/plugin-users-permissions to version 4.24.2 or higher.

<4.24.2

Denial of Service (DoS)

@strapi/plugin-users-permissions is a headless CMS

Affected versions of this package are vulnerable to Denial of Service (DoS) such that an attacker can circumvent the rate limit on the login function of Strapi's admin screen.

How to fix Denial of Service (DoS)?

Upgrade @strapi/plugin-users-permissions to version 4.12.1 or higher.

<4.12.1

@strapi/plugin-users-permissions@0.0.0-next.062cd562d0b09991b8a21fc4a32ef3eee76d7c4a

Protect your API with a full-authentication process based on JWT

latest version

latest non vulnerable version

first published

latest version published

Direct Vulnerabilities

Fix vulnerabilities automatically