Strapi Allows Unauthorized Access to Private Fields via parms.lookup

Strapi is an open-source headless content management system. In versions from 5.0.0 to before 5.5.2, the lookup operator provided by the document service does not properly sanitize query parameters for private fields. An attacker can access private fields, including admin passwords and reset tokens, by crafting queries with the lookup parameter. This vulnerability is fixed in 5.5.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

通过用户控制密钥绕过授权机制

Strapi 安全漏洞

Strapi是法国strapi社区的一套开源的内容管理系统（CMS）。 Strapi 5.0.0版本至5.5.2之前版本存在安全漏洞，该漏洞源于文档服务的查找操作未正确清理私有字段的查询参数，可能导致攻击者通过特制查询访问私有字段。

N/A

N/A