How to fix the XSS cross site scripting problem?

System Information
  • Strapi Version: v4.7.1
  • Operating System: MAC
  • Database: MySql
  • Node Version: v14.20.1
  • NPM Version: 6.14.17
  • Yarn Version:

Strapi has an Unrestricted File Upload vulnerability that allows an attacker to successfully upload files containing malicious content to the system and execute them. Please assist in fixing this.


Thank you for reporting this.
Could you please email us at security@strapi.io?
We will need some reproduction steps that prove malicious capabilities in this email.

Thank you 🙂

Thank you for your support. 🙂

I’ve sent the reproduction steps by email.

Thank you.
