Title:Strapi 安全漏洞 (CVE-2023-22894) Description:Strapi是一套开源的内容管理系统(CMS)。 Strapi 4.5.5之前版本存在安全漏洞,该漏洞源于允许攻击者通过利用查询过滤器来发现敏感的用户详细信息,攻击者利用该漏洞可以发现所有用户的密码哈希和密码重置令牌,或者发现所有 API 用户的敏感信息。
File Snapshot
None
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.