Cross Site Request Forgery (CSRF)
mongo-express is vulnerable to Cross Site Request Forgery CSRF. The vulnerability is due a missing CSRF protection in an end point /admin. An attacker can exploit this to do unauthorized actions, such as deletion of a Collection...