YApi mongo

YApi mongo Injection Vulnerability Alert

novembro 12, 2022

Overview Recently, NSFOCUS CERT detected that an open source API interface management platform YApi mongo injection vulnerability was publicly released on the Internet. Due to the splicing of a certain function in YApi, MongoDB injection can be realized. Unauthenticated remote attackers can exploit this vulnerability to obtain the user token (including necessary parameters such as […]


Inscreva-se no Blog da NSFOCUS