Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fffg-cwc9-xvj7: mongo-express Cross-site Request Forgery vulnerability

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.

ghsa
Open in Source
#csrf#vulnerability#git#mongo

mongo-express Cross-site Request Forgery vulnerability

Moderate severity GitHub Reviewed Published Mar 1, 2024 to the GitHub Advisory Database • Updated Mar 1, 2024

ghsa: Latest News

GHSA-fhcw-px4q-pmvv: Liferay Commerce Order Content Web is Vulnerable to Authorization Bypass Through User-Controlled Key
ghsa