Strapi is an open-source headless content management system. In versions from 5.0.0 to before 5.5.2, the lookup operator provided by the document service does not properly sanitize query parameters for private fields. An attacker can access private fields, including admin passwords and reset tokens, by crafting queries with the lookup parameter. This vulnerability is fixed in 5.5.2.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:NStrapi
APPStrapi5.0.0 – 5.5.2 (bez)
Powiązane podatności
SQL Injection w Strapi Content-Type Builder — możliwe RCE i odczyt plików
Strapi: Path Traversal w filtrach relacyjnych umożliwia przejęcie konta admina
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute ...
admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functi...
strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and ...