An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows malicious users to execute arbitrary code via a crafted file.
strapi strapi 4.1.5