Home / exploitsPDF Strapi 3.6.8 Password Disclosure / Insecure HandlingPosted on 02 May 2022Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie. TOP
Posted on 02 May 2022
Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie.
TOP