chore(release): 5.2.7 [skip ci]

Public Access

## [5.2.7](https://github.com/parse-community/parse-server/compare/5.2.6...5.2.7) (2022-09-20)

### Bug Fixes

* authentication adapter app ID validation may be circumvented; this fixes a vulnerability that affects configurations which allow users to authenticate using the Parse Server authentication adapter for *Facebook* or *Spotify* and where the server-side authentication adapter configuration `appIds` is set as a string (e.g. `abc`) instead of an array of strings (e.g. `["abc"]`) ([GHSA-r657-33vp-gp22](https://github.com/parse-community/parse-server/security/advisories/GHSA-r657-33vp-gp22)) ([#8185](https://github.com/parse-community/parse-server/issues/8185)) ([ecf0814](ecf0814499))

This commit is contained in:

semantic-release-bot

2022-09-20 20:43:51 +00:00

parent ecf0814499

commit e6dc487963

3 changed files with 9 additions and 2 deletions

									
										2

package-lock.json
									
										generated
									
												View File
												
				@@ -1,6 +1,6 @@

				{

				  "name": "parse-server",

				  "version": "5.2.6",

				  "version": "5.2.7",

				  "lockfileVersion": 1,

				  "requires": true,

				  "dependencies": {

chore(release): 5.2.7 [skip ci]

2 package-lock.json generated Unescape Escape View File

2

package-lock.json generated

View File