Vulnerabilities > Mongo Express Project > Mongo Express > 0.52.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-21 | CVE-2021-21422 | Cross-site Scripting vulnerability in Mongo-Express Project Mongo-Express mongo-express is a web-based MongoDB admin interface, written with Node.js and express. | 4.3 |
| 2021-03-30 | CVE-2020-24391 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. | 7.5 |
| 2019-12-24 | CVE-2019-10758 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. | 9.0 |