Description
A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.
Remediation
References
https://hackerone.com/reports/768574
Related Vulnerabilities
CVE-2020-28435 Vulnerability in npm package ffmpeg-sdk
CVE-2018-16493 Vulnerability in npm package static-resource-server
CVE-2021-25949 Vulnerability in npm package set-getter
CVE-2020-11002 Vulnerability in maven package io.dropwizard:dropwizard-validation
CVE-2023-34478 Vulnerability in maven package org.apache.shiro:shiro-web