Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fffg-cwc9-xvj7: mongo-express Cross-site Request Forgery vulnerability

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.

ghsa
Open in Source
#csrf#vulnerability#git#mongo

mongo-express Cross-site Request Forgery vulnerability

Moderate severity GitHub Reviewed Published Mar 1, 2024 to the GitHub Advisory Database • Updated Mar 1, 2024

ghsa: Latest News

GHSA-53q7-4874-24qg: Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL
ghsa