Security Advisory 08-15-2018

22 views

Skip to first unread message

Taranveer Virk

unread,

Aug 15, 2018, 12:47:59 PM8/15/18

to LoopBackJS Announcements

LoopBack Security Advisory (8/15/2018) => `loopback-connector-mongodb` allowed NoSQL Injection Attacks as MongoDB allows Server Side JavaScript execution. The connector (v3.6.0+) now sanitizes queries before passing to the MongoDB Driver. More details at https://loopback.io/doc/en/lb3/Security-advisory-08-15-2018.html.

Reply all

Reply to author

Forward

0 new messages