Security Advisory

CVE-2024-39309

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-01 21:15:26

Last updated 2024-08-02 04:19:20

Assigner GitHub_M

State PUBLISHED

Description

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A vulnerability in versions prior to 6.5.7 and 7.1.0 allows SQL injection when Parse Server is configured to use the PostgreSQL database. The algorithm to detect SQL injection has been improved in versions 6.5.7 and 7.1.0. No known workarounds are available.

← Browse all CVEs View on cve.org ↗