[strapi] Unrestricted Upload of File with Dangerous Type in Strapi

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-27263
• https://www.youtube.com/watch?v=LEeabouqRrg
• https://github.com/advisories/GHSA-9qgm-w87q-hx89