Skip to main content

Protected Populate

1 CVEs product

Monthly

CVE-2023-48218 npm MEDIUM PATCH This Month

The Strapi Protected Populate Plugin protects `get` endpoints from revealing too much information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Protected Populate
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

The Strapi Protected Populate Plugin protects `get` endpoints from revealing too much information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Protected Populate
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy