Vulnerability in N/a
CVE-2024-53900
Mongoose before 8.8.3 can improperly use $where in match, leading to search injection.
EPSS: 0.522 (98.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2024-53900?
- CVE-2024-53900 is a vulnerability in N/a. Published 2024-12-02.
- Is CVE-2024-53900 known to be exploited?
- 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.