This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
CVE Sentinel
cve-notifications.bsky.social
did:plc:fmpxu5qaccixyxvvyzsllshl
ID: CVE-2025-23061
CVSS V3.1: CRITICAL
Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE-2024-53900.
#security #infosec #cve-alert
https://nvd.nist.gov/vuln/detail/CVE-2025-23061
2025-01-15T05:15:38.748Z