Security question over URLs

System Information
  • 4.22:


Wanted some opinion on potential security flaw/exploit. Let me prepend this by saying I am not a high end developer, sysop or infrastructure engineer. I am doing UAT on a new strapi/next site.

The site has a deep category structure. Each level contains a number of items, similar to a traditional ecommerce site but with bespoke product/items.

The scenario is:
URL= /cat1/cat2/item

Add to the end of the URL: /cat1/cat2/item/

When you push this, it reloads the page. It takes a second to reload the items, no 404 as expected but interestingly it adds the as a breadcrumb.

Main concerns are around malicious intent; sending bad site links to that url despite the fact we have no content related.

Would anyone agree?