Vulnerabilities > Mongo Express Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-21	CVE-2021-21422	Cross-site Scripting vulnerability in Mongo-Express Project Mongo-Express mongo-express is a web-based MongoDB admin interface, written with Node.js and express. network mongo-express-project CWE-79	4.3
2021-04-13	CVE-2021-23372	Improper Check for Unusual or Exceptional Conditions vulnerability in Mongo-Express Project Mongo-Express All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash. network low complexity mongo-express-project CWE-754	5.0
2021-03-30	CVE-2020-24391	Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. network low complexity mongo-express-project	7.5
2019-12-24	CVE-2019-10758	Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. network low complexity mongo-express-project critical	9.0

Vulnerabilities > Mongo Express Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mongo Express Project"}]}