strapi is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization of the attributes within admin API responses allowing an attacker to exploit the vulnerability use the information for malicious intent.
github.com/kos0ng/CVEs/tree/main/CVE-2022-31367
github.com/strapi/strapi/commit/1d50038e440482a7106d37353d8258436e9153bd
github.com/strapi/strapi/commit/55a6a2bc0b6f52ce5a10ffb174336ea5a30d78fe
github.com/strapi/strapi/pull/12881
github.com/strapi/strapi/releases/tag/v3.6.10
github.com/strapi/strapi/releases/tag/v4.1.10