CVE-2023-46942

Publication date

2024-01-13 00:00:00

Family

mitre

State

PUBLISHED

Description

Lack of authentication in NPMs package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints.