Description:
Creating a request using filter[$where]= allows executing JavaScript in the MongoDB instance.
If used against MongoDB instances older than version 2.4 it could have a big impact, as in the $where function scope the "db" object is exposed. https://docs.mongodb.com/manual/reference/operator/query/where/
For version 2.4 and later it is not that big of an issue.
And for MongoDB version 2.2.4 there are exploits in exploitdb.
Reproduce:
Call:
GET host:port/resource?filter[$where]=function(){throw Error(version())}
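The fix a maintainer would apply to the filter handling described in this report, as an added example that is not the project's own code: reject any user-supplied $-prefixed key outside a small allowlist before the filter object ever reaches the MongoDB driver. The bracket-notation parser, the allowlist and the sample query strings are constructed assumptions, not taken from the project.

```javascript
// Added example, not the project's own code. Assumes the API turns
// `filter[...]` query-string parameters into a MongoDB filter object;
// helper names, the allowlist and the sample requests below are constructed.

// Minimal bracket-notation parser: 'filter[age][$gt]=18' -> { filter: { age: { $gt: '18' } } }.
// Objects get a null prototype so a key such as __proto__ cannot pollute Object.prototype.
function parseBracketQuery(qs) {
  const out = Object.create(null);
  for (const pair of qs.split('&').filter(Boolean)) {
    const idx = pair.indexOf('=');
    const rawKey = idx < 0 ? pair : pair.slice(0, idx);
    const value = idx < 0 ? '' : decodeURIComponent(pair.slice(idx + 1));
    const path = decodeURIComponent(rawKey).split(/[\[\]]+/).filter(Boolean);
    let node = out;
    path.forEach((seg, i) => {
      if (i === path.length - 1) {
        node[seg] = value;
      } else {
        if (typeof node[seg] !== 'object' || node[seg] === null) node[seg] = Object.create(null);
        node = node[seg];
      }
    });
  }
  return out;
}

// Operators a read endpoint legitimately needs. Every other '$' key, notably
// $where (which runs JavaScript inside mongod), is rejected before the query is built.
const ALLOWED_OPERATORS = new Set(['$eq', '$ne', '$gt', '$gte', '$lt', '$lte', '$in', '$nin']);

// Walks the filter recursively and throws on the first disallowed operator key.
function assertSafeFilter(filter, path = 'filter') {
  if (filter === null || typeof filter !== 'object') return;
  for (const key of Object.keys(filter)) {
    if (key.startsWith('$') && !ALLOWED_OPERATORS.has(key)) {
      throw new Error(`rejected MongoDB operator "${key}" at ${path}`);
    }
    assertSafeFilter(filter[key], `${path}.${key}`);
  }
}

// Boolean wrapper for a request handler (answer 400 Bad Request when false).
function isSafeFilter(filter) {
  try { assertSafeFilter(filter); return true; } catch (e) { return false; }
}

// Constructed sample query strings: the report's request and a legitimate one.
const MALICIOUS_QUERY = 'filter[$where]=function(){throw%20Error(version())}';
const BENIGN_QUERY = 'filter[age][$gt]=18&filter[status]=active';
```

Independently of request validation, starting mongod with --noscripting (or security.javascriptEnabled: false in its configuration) disables server-side JavaScript, so a $where clause cannot run even if one slips through.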