diff --git a/api-tests/core/strapi/api/sanitize/sanitize-query.test.api.js b/api-tests/core/strapi/api/sanitize/sanitize-query.test.api.js
index 3851bae8f0..26ab4bb58d 100644
--- a/api-tests/core/strapi/api/sanitize/sanitize-query.test.api.js
+++ b/api-tests/core/strapi/api/sanitize/sanitize-query.test.api.js
@@ -135,6 +135,25 @@ describe('Core API - Sanitize', () => {
 checkAPIResultLength(res, 0);
 });
+ it('Successfully filters invalid attributes', async () => {
+ const document = data.document[2];
+ const filters = {
+ ID: document.id, // invalid casing on key 'id'
+ notAnAttribute: '', // doesn't exist on schema
+ t0: { createdBy: { id: { $lt: '1' } } }, // join table name
+ t1: { createdBy: { id: { $lt: '1' } } }, // join table name
+ $fakeOp: false,
+ };
+
+ const res = await rq.get('/api/documents', { qs: { filters } });
+
+ // Should not return a 500 error from notAnAttribute or $fakeOp
+ expect(res.status).toEqual(200);
+
+ // Should receive all documents because createdBy was filtered out
+ checkAPIResultLength(res, documentsLength());
+ });
+
+ it('Successfully filters on valid ID', async () => {
 const document = data.document[2];
 const res = await rq.get('/api/documents', { qs: { filters: { id: document.id } } });
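Review bot: The closing `checkAPIResultLength(res, documentsLength())` is the only assertion that shows the `t0`/`t1` filters on `createdBy` were dropped rather than applied, and its comment does not explain why a full count proves that. I would reword the comment to `// createdBy.id < 1 should match no rows, so a full result set means the t0/t1 filters never reached the query`, which also records the assumption that ids start at 1. All five invalid keys travel in one request, so a failure will not show which key got through; that matters most for the join-alias case, which appears to be the one guarding a relation callers are not meant to filter on. The enclosing `describe` starts and ends outside the hunk.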