[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":3,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":10,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":16,"vulnerability-23086":23,"all-banners":54},["Island",4],{"key":5,"params":6,"result":8},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":7},"{}",{"head":9},{},["Island",11],{"key":12,"params":13,"result":14},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":7},{"head":15},{},["Island",17],{"key":18,"params":19,"result":21},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":20},"{\"text-color\":\"gray\"}",{"head":22},{},{"id":24,"detectable_with":25,"vuln_details":32,"vuln_id":51,"name":52,"published":53,"updated":33},23086,{"tool":26,"engine":29},{"id":27,"name":28},1,"Network Scanner",{"id":30,"name":31},2,"Nuclei",{"id":24,"codename":33,"description":33,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":33,"references":38,"cvssv3":44,"epss_score":45,"epss_percentile":46,"cve":47,"in_cisa_catalog":49,"date":50,"software_type":33,"vendor":33,"product":33,"ptt_exploit_capabilities":33},null,"high","The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.","Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution.","Update Strapi to version 4.5.6 or later that implements proper template validation and prevents code execution in email templates.",[39,40,41,42,43],"https://github.com/strapi/strapi/releases","https://github.com/sofianeelhor/CVE-2023-22621-POC","https://github.com/strapi/security-patches","https://github.com/ARPSyndicate/cvemon","https://nvd.nist.gov/vuln/detail/CVE-2023-22621",7.2,0.91021,0.99653,[48],"CVE-2023-22621",false,"2023-04-19T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2023-22621","Strapi Versions \u003C=4.5.5 - SSTI to Remote Code Execution","2024-09-06T00:00:00Z",[55,66,75,80,86],{"title":56,"slug":57,"text":58,"link":59,"external":60,"targets":61,"cta":63,"variant":64,"campaign_id":65},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[62],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":67,"slug":68,"text":69,"link":70,"external":60,"targets":71,"cta":73,"variant":74,"campaign_id":65},"NGINX Rift free scanner - CVE-2026-42945 - Network Scanner","nginx-rift-network-scanner","🚨 Detection for NGINX Rift (CVE-2026-42945) now live. Are you exposed?","https://pentest-tools.com/pricing",[72],"/network-vulnerability-scanning/network-security-scanner-online","Find out with any plan","primary",{"title":76,"slug":77,"text":69,"link":70,"external":60,"targets":78,"cta":73,"variant":74,"campaign_id":65},"NGINX Rift free scanner - CVE-2026-42945 - Port Scanner","nginx-rift-port-scanner",[79],"/network-vulnerability-scanning/port-scanner-online-nmap",{"title":81,"slug":82,"text":83,"link":59,"external":60,"targets":84,"cta":63,"variant":64,"campaign_id":65},"NGINX Rift free scanner - CVE-2026-42945 - VulnDB Index","nginx-rift-vulndb","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[85],"/vulnerabilities-exploits",{"title":87,"slug":88,"text":83,"link":59,"external":60,"targets":89,"cta":63,"variant":64,"campaign_id":65},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog",[90],"/blog"]