fix: Parse Pointer allows to access internal Parse Server classes and circumvent beforeFind query trigger; fixes security vulnerability [GHSA-fcv6-fg5r-jm9q](https://github.com/parse-community/parse-server/security/advisories/GHSA-fcv6-fg5r-jm9q)

2023-09-04 14:20:07 +02:00
parent 62bb396ab4
commit 6458ab072e
12 changed files with 412 additions and 224 deletions
--- a/spec/ParseGraphQLServer.spec.js
+++ b/spec/ParseGraphQLServer.spec.js
@@ -5269,7 +5269,6 @@ describe('ParseGraphQLServer', () => {

          it('should only count', async () => {
            await prepareData();
-
            await parseGraphQLServer.parseGraphQLSchema.schemaCache.clear();

            const where = {