Description
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
Remediation
References
Related Vulnerabilities
Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511)
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (18.3)
PHP Use After Free Vulnerability (CVE-2016-7413)
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)
WordPress Plugin Push Notifications for WordPress (Lite) Cross-Site Request Forgery (6.0)