40033—NoSQL Injection - MongoDB
PUBLISHEDsecurity alertHigh
Active
Metadata
摘要
MongoDB query injection may be possible.
解决方案
Do not trust client side input and escape all data on the server side. Avoid to use the query input directly into the where and group clauses and upgrade all drivers at the latest available version.