Home / os / blackberry
Strapi 3.6.8 Password Disclosure / Insecure Handling
Posted on 02 May 2022
Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie.
Home / os / blackberry
Strapi 3.6.8 Password Disclosure / Insecure Handling
Posted on 02 May 2022
Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie.