CVE-2024-27298

Published March 1st, 2024

View on NVD ↗

CVSS v3

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

parse-server is a Parse Server for Node.js / Express. This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. The vulnerability has been fixed in 6.5.0 and 7.0.0-alpha.20.

parse-community/parse-server

Parse Server for Node.js / Express

GitHub

21.4K