Security Advisory

CVE-2023-46942

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-13 00:00:00

Last updated 2025-06-03 14:03:22

Assigner mitre

State PUBLISHED

Description

Lack of authentication in NPMs package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints.

← Browse all CVEs View on cve.org ↗