CVE-2019-10758 | mongo-express up to 0.53.x Endpoint toBSON Command code injection
A vulnerability was found in mongo-express up to 0.53.x. It has been classified as critical. Affected is the function toBSON of the component Endpoint. The manipulation as part of Command leads to code injection.
This vulnerability is traded as CVE-2019-10758. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.