CVE-2020-24391
npm/mongo-express
Javascript Injection
mongo-express offers support for certain advanced syntax but implements this in an unsafe way
All versions up to 0.54.0
Unfortunately, there is no solution available yet.
2021-04-09