Description
After invoking $_internalJsEmit, which is not intended to be directly accessible, or mapreduce command’s map function in a certain way, an authenticated user can subsequently crash mongod when the server-side JavaScript engine (through $where, $function, mapreduce reduce stage, etc.) is used also in a specific way, resulting in a post-authentication denial-of-service. This issue impacts MongoDB Server v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.
Remediation
References
Related Vulnerabilities
Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-43763)
Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18650)
WordPress Plugin Google Maps CP Cross-Site Scripting (1.0.3)
WordPress Plugin WP Prayer Multiple Cross-Site Request Forgery Vulnerabilities (1.6.5)