PT-2026-48955
Name of the Vulnerable Software and Affected Versions Parse Server versions 9.8.0 through 9.9.1-alpha.3 Description The routeAllowList server option is intended to restrict external client access to a specific list of REST API routes. However, the check is only enforced as Express middleware...