[Snyk] Fix for 2 vulnerabilities

[JJediny]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - cms/package.json - cms/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | No | Proof of Concept  | **718/1000**
**Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5 | Information Exposure
[SNYK-JS-FOLLOWREDIRECTS-6444610](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610) | No | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: strapi

The new version differs by 83 commits.

• 62b3ff5 v3.6.11
• d8ca7ff Merge pull request #14914 from strapi/chore/v3-deps
• ba3552d Revert mongoose
• c313dcf Add missing dependencies
• 105c2c8 Some more deps
• ae41280 Revert swagger
• bb3f562 Revert sharp
• dee19db drop node 12
• e06c6ee Upgrade swagger
• 39ee3d7 Upgrade sharp
• 7215c92 Upgrade koa2-ratelimit
• 6f706e9 wip
• 86f882b v3.6.10
• 55a6a2b Merge pull request #13189 from strapi/fix/user-hidden-attributes-v3
• ed711ac Fix sanitation for admin users in cm
• 93268b6 Pass down withHidden option in sanitize recursion
• 775b5d4 Fix typo, hide tokens from admin user
• 6493b70 Removes hidden configuration from schema files
• 2163660 Use schema.config.attributes instead schema.attributes
• 8edbc4a Hide confirmation and reset-password token from the getstarted U&P extension
• db6a776 v3.6.9
• e1cb927 Merge pull request #12520 from strapi/packages-deprecation
• dff93d0 Typo
• 0a13a52 Update V3 deprecation estimation

See the full diff

Package name: strapi-admin

The new version differs by 83 commits.

• 62b3ff5 v3.6.11
• d8ca7ff Merge pull request #14914 from strapi/chore/v3-deps
• ba3552d Revert mongoose
• c313dcf Add missing dependencies
• 105c2c8 Some more deps
• ae41280 Revert swagger
• bb3f562 Revert sharp
• dee19db drop node 12
• e06c6ee Upgrade swagger
• 39ee3d7 Upgrade sharp
• 7215c92 Upgrade koa2-ratelimit
• 6f706e9 wip
• 86f882b v3.6.10
• 55a6a2b Merge pull request #13189 from strapi/fix/user-hidden-attributes-v3
• ed711ac Fix sanitation for admin users in cm
• 93268b6 Pass down withHidden option in sanitize recursion
• 775b5d4 Fix typo, hide tokens from admin user
• 6493b70 Removes hidden configuration from schema files
• 2163660 Use schema.config.attributes instead schema.attributes
• 8edbc4a Hide confirmation and reset-password token from the getstarted U&P extension
• db6a776 v3.6.9
• e1cb927 Merge pull request #12520 from strapi/packages-deprecation
• dff93d0 Typo
• 0a13a52 Update V3 deprecation estimation

See the full diff

Package name: strapi-plugin-content-type-builder

The new version differs by 83 commits.

• 62b3ff5 v3.6.11
• d8ca7ff Merge pull request #14914 from strapi/chore/v3-deps
• ba3552d Revert mongoose
• c313dcf Add missing dependencies
• 105c2c8 Some more deps
• ae41280 Revert swagger
• bb3f562 Revert sharp
• dee19db drop node 12
• e06c6ee Upgrade swagger
• 39ee3d7 Upgrade sharp
• 7215c92 Upgrade koa2-ratelimit
• 6f706e9 wip
• 86f882b v3.6.10
• 55a6a2b Merge pull request #13189 from strapi/fix/user-hidden-attributes-v3
• ed711ac Fix sanitation for admin users in cm
• 93268b6 Pass down withHidden option in sanitize recursion
• 775b5d4 Fix typo, hide tokens from admin user
• 6493b70 Removes hidden configuration from schema files
• 2163660 Use schema.config.attributes instead schema.attributes
• 8edbc4a Hide confirmation and reset-password token from the getstarted U&P extension
• db6a776 v3.6.9
• e1cb927 Merge pull request #12520 from strapi/packages-deprecation
• dff93d0 Typo
• 0a13a52 Update V3 deprecation estimation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/tts/project/63ccae60-75d5-4223-9f74-ba3a43aa2e94?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/tts/project/63ccae60-75d5-4223-9f74-ba3a43aa2e94?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"a686dc94-0f1c-4906-b27c-50f0e7722ec9","prPublicId":"a686dc94-0f1c-4906-b27c-50f0e7722ec9","dependencies":[{"name":"strapi","from":"3.6.6","to":"3.6.11"},{"name":"strapi-admin","from":"3.6.6","to":"3.6.11"},{"name":"strapi-plugin-content-type-builder","from":"3.6.6","to":"3.6.11"}],"packageManager":"npm","projectPublicId":"63ccae60-75d5-4223-9f74-ba3a43aa2e94","projectUrl":"https://app.snyk.io/org/tts/project/63ccae60-75d5-4223-9f74-ba3a43aa2e94?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-FOLLOWREDIRECTS-6444610"],"upgrade":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-FOLLOWREDIRECTS-6444610"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[696,718],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)

[github-actions[bot]]

:eyes: Generating Terraform plan...