
CVE-2025-3930: Strapi is vulnerable to Insufficient Session Expiration

CVSS Score: N/A

Basic Information

EPSS Score: 0.20129%
Published: 10/16/2025
Updated: 10/16/2025
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: -

Package Name: @strapi/strapi
Ecosystem: npm
Vulnerable Versions: < 5.24.1
First Patched Version: 5.24.1

Vulnerability Intelligence
Miggo AI Root Cause Analysis: In progress

WAF Protection Rules

WAF Rule

Strapi uses JSON Web Tokens (JWT) for authentication. After logout or account deactivation, the JWT is not invalidated, which allows an attacker who has stolen or intercepted the token to freely reuse it until its expiration date (which is set to **
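The reuse window described above, next to one way to close it, as an added example that is not Strapi's code or its patch. The secret, the `revokedJti` and `users` stores, and all function names are assumptions made for illustration.

```javascript
// Added example, not Strapi code: HS256 JWT check with server-side revocation.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed value
const b64u = (v) => Buffer.from(v).toString('base64url');

function sign(payload) {
  const body = `${b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64u(JSON.stringify(payload))}`;
  const mac = crypto.createHmac('sha256', SECRET).update(body).digest('base64url');
  return `${body}.${mac}`;
}

function issue(sub, now, ttl) {
  return sign({ sub, jti: crypto.randomUUID(), iat: now, exp: now + ttl });
}

// Signature and expiry only: a logged-out token still passes until exp.
function verifyStateless(token, now) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [h, p, sig] = parts;
  const expected = crypto.createHmac('sha256', SECRET).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  return typeof claims.exp === 'number' && claims.exp > now ? claims : null;
}

// Hypothetical server-side state: revoked token ids and account status.
const revokedJti = new Map(); // jti -> exp, so entries can be pruned after expiry
const users = new Map([['u1', { active: true }], ['u2', { active: true }]]);

function logout(claims) { revokedJti.set(claims.jti, claims.exp); }
function deactivate(userId) { users.get(userId).active = false; }

// Hardened check: also reject revoked tokens and tokens of deactivated accounts.
function verifyWithRevocation(token, now) {
  const claims = verifyStateless(token, now);
  if (!claims) return null;
  if (revokedJti.has(claims.jti)) return null;
  const user = users.get(claims.sub);
  return user && user.active ? claims : null;
}
```

The revocation entries only need to be kept until each token's `exp`, so the store stays bounded by the token lifetime.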

Reasoning

No analysis available