Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A vulnerability in versions prior to 6.5.7 and 7.1.0 allows SQL injection when Parse Server is configured to use the PostgreSQL database. The algorithm to detect SQL injection has been improved in versions 6.5.7 and 7.1.0. No known workarounds are available.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-01T21:15:26.242Z
Updated: 2024-08-02T04:19:20.712Z
Reserved: 2024-06-21T18:15:22.260Z
Link: CVE-2024-39309
Vulnrichment
Updated: 2024-07-02T17:32:32.129Z
NVD
Status : Awaiting Analysis
Published: 2024-07-01T22:15:03.253
Modified: 2024-11-21T09:27:25.990
Link: CVE-2024-39309
Redhat
No data.