CVE-2022-31367
Published
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
2
PROJECTS
Description
Strapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses.
🚀 Strapi is the leading open-source headless CMS. It’s 100% JavaScript/TypeScript, fully customizable, and developer-first.
GitHub