fix: Parse Pointer allows to access internal Parse Server classes and circumvent beforeFind query trigger; fixes security vulnerability [GHSA-fcv6-fg5r-jm9q](https://github.com/parse-community/parse-server/security/advisories/GHSA-fcv6-fg5r-jm9q)

2023-09-04 14:19:48 +02:00
parent 328918178f
commit be4c7e23c6
12 changed files with 414 additions and 224 deletions
--- a/spec/ParseGraphQLServer.spec.js
+++ b/spec/ParseGraphQLServer.spec.js
@@ -5275,7 +5275,6 @@ describe('ParseGraphQLServer', () => {

          it('should only count', async () => {
            await prepareData();
-
            await parseGraphQLServer.parseGraphQLSchema.schemaCache.clear();

            const where = {