module
Strapi CMS Unauthenticated Password Reset
| Disclosed |
|---|
| Feb 9, 2022 |
Disclosed
Feb 9, 2022
Description
This module abuses the mishandling of a password reset request for
Strapi CMS version 3.0.0-beta.17.4 to change the password of the admin user.
Successfully tested against Strapi CMS version 3.0.0-beta.17.4.
Strapi CMS version 3.0.0-beta.17.4 to change the password of the admin user.
Successfully tested against Strapi CMS version 3.0.0-beta.17.4.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.