CVE-2023-52555
Published
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.
Web-based MongoDB admin interface, written with Node.js and Express
GitHub