CVE-2023-52555

Publication date

2024-03-01 00:00:00

Family

mitre

State

PUBLISHED

Description

In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.