strapi prior to 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
strapi strapi |
||
strapi strapi 3.0.0 |