CVE-2020-15126

Posted on 2020년 7월 23일2020년 7월 23일 by admin

CVE-2020-15126

In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read security on his User object and can also by pass all objects linked via relation or Pointer on his User object.

Source: CVE-2020-15126

답글 남기기 응답 취소