Strapi · Strapi · CVE-2022-31367
**Name of the Vulnerable Software and Affected Versions**
Strapi versions 3.x through 3.6.9
Strapi versions 4.x through 4.1.9
**Description**
The issue concerns the mishandling of hidden attributes within admin API responses.
**Recommendations**
For Strapi versions 3.x through 3.6.9, update to version 3.6.10 or later.
For Strapi versions 4.x through 4.1.9, update to version 4.1.10 or later.