CVE-2023-48218
The CVE-2023-48218 issue affects the Strapi Protected Populate Plugin. Pre-1.3.4 versions allowed bypassing field-level security by populating fields the user should not access on get endpoints. It has been patched in version 1.3.4; no workarounds are documented. CVSSv3.1 base score 5.3 (NETWORK,...