{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T00:41:17.273","vulnerabilities":[{"cve":{"id":"CVE-2024-52588","sourceIdentifier":"security-advisories@github.com","published":"2025-05-29T09:15:25.350","lastModified":"2025-06-24T18:27:42.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Strapi is an open-source content management system. Prior to version 4.25.2, inputting a local domain into the Webhooks URL field leads to the application fetching itself, resulting in a server side request forgery (SSRF). This issue has been patched in version 4.25.2."},{"lang":"es","value":"Strapi es un sistema de gestión de contenido de código abierto. Antes de la versión 4.25.2, introducir un dominio local en el campo URL de Webhooks provocaba que la aplicación se recuperara a sí misma, lo que resultaba en un server side request forgery (SSRF). Este problema se ha corregido en la versión 4.25.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*","versionEndExcluding":"4.25.2","matchCriteriaId":"128D5142-48F9-4B17-8D63-AEE69B8D1F41"}]}]}],"references":[{"url":"https://github.com/strapi/strapi/security/advisories/GHSA-v8wj-f5c7-pvxf","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}