Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fffg-cwc9-xvj7: mongo-express Cross-site Request Forgery vulnerability

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.

ghsa
Open in Source
#csrf#vulnerability#git#mongo

mongo-express Cross-site Request Forgery vulnerability

Moderate severity GitHub Reviewed Published Mar 1, 2024 to the GitHub Advisory Database • Updated Mar 1, 2024

ghsa: Latest News

GHSA-58c5-g7wp-6w37: Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client
ghsa