CVE-2023-36472
Severity: MEDIUM
Strapi < 4.11.7 - Unauthorized Access to Sensitive Information via Content Manager Relations Endpoint
Title source: llmDescription
Strapi is an open-source headless content management system. Prior to version 4.11.7, an unauthorized actor can get access to user reset password tokens if they have the configure view permissions. The `/content-manager/relations` route does not remove private fields or ensure that they can't be selected. This issue is fixed in version 4.11.7.
References (2)
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4
Release Notes x_refsource_misc
https://github.com/strapi/strapi/releases/tag/v4.11.7
Scores
CVSS v3
5.8
EPSS
0.0056
EPSS Percentile
42.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-200
Status
published
Products (4)
strapi/admin
0 - 4.11.7 (npm)
strapi/plugin-content-manager
0 - 4.11.7 (npm)
strapi/strapi
< 4.11.7
strapi/utils
0 - 4.11.7 (npm)
Published
Sep 15, 2023
Tracked Since
Feb 18, 2026