CVE-2024-53900 Information

Description

Mongoose before 8.8.3 can improperly use $where in match.

Reference

https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md https://github.com/Automattic/mongoose/commit/c9e86bff7eef477da75a29af62a06d41a835a156 https://github.com/Automattic/mongoose/releases https://www.npmjs.com/package/mongoose?activeTab=versions