CVE-2020-24391
Javascript Injection in npm/mongo-express
Identifiers
CVE-2020-24391
Package Slug
npm/mongo-express
Vulnerability
Javascript Injection
Description
mongo-express offers support for certain advanced syntax but implements this in an unsafe way
Affected Versions
All versions up to 0.54.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2021-04-09
| source |