Vulnerability Description
Strapi is an open-source headless content management system. Prior to version 4.11.7, an unauthorized actor can get access to user reset password tokens if they have the configure view permissions. The `/content-manager/relations` route does not remove private fields or ensure that they can't be selected. This issue is fixed in version 4.11.7.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Strapi | Strapi | < 4.11.7 |
Related Weaknesses (CWE)
References
- https://github.com/strapi/strapi/releases/tag/v4.11.7Release Notes
- https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4ExploitThird Party Advisory
- https://github.com/strapi/strapi/releases/tag/v4.11.7Release Notes
- https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4ExploitThird Party Advisory
FAQ
What is CVE-2023-36472?
CVE-2023-36472 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Strapi is an open-source headless content management system. Prior to version 4.11.7, an unauthorized actor can get access to user reset password tokens if they have the configure view permissions. Th...
How severe is CVE-2023-36472?
CVE-2023-36472 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-36472?
Check the references section above for vendor advisories and patch information. Affected products include: Strapi Strapi.