Parseplatform: >> Parse-Server >> 6.3.0 Security Vulnerabilities
parse-server is a Parse Server for Node.js / Express. This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. The vulnerability has been fixed in 6.5.0 and 7.0.0-alpha.20.
CVSS Score
10.0
EPSS Score
0.003
Published
2024-03-01
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes when uploading a file without extension. This vulnerability has been patched in versions 5.5.6 and 6.3.1.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-10-25