Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fffg-cwc9-xvj7: mongo-express Cross-site Request Forgery vulnerability

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.

ghsa
Open in Source
#csrf#vulnerability#git#mongo

mongo-express Cross-site Request Forgery vulnerability

Moderate severity GitHub Reviewed Published Mar 1, 2024 to the GitHub Advisory Database • Updated Mar 1, 2024

ghsa: Latest News

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability
ghsa