Convly

**Name of the Vulnerable Software and Affected Versions** Strapi versions prior to 3.2.5 **Description** The issue arises from the lack of `admin::hasPermissions` restriction for CTB (content-type-builder) routes. This means that there are no proper access controls in place for these specific routes, potentially allowing unauthorized access or actions. **Recommendations** For versions prior to 3.2.5, update to version 3.2.5 or later to resolve the issue. As a temporary workaround, consider restricting access to CTB routes to minimize the risk of exploitation.