Description
If a POST request is made to /parse/classes/_Audience (or other volatile class), any subsuquent POST requests result in an internal server error (500).
Recommendation
Update the parse-server package to the latest compatible version. Followings are version details:
- Affected version(s): < 3.4.1
- Patched version(s): 3.4.1
References
Related Issues
- Parse Server vulnerable to brute force guessing of user sensitive data via search patterns - CVE-2022-36079
- lite-server vulnerable to Denial of Service - CVE-2022-25940
- Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format - CVE-2025-64430
- Devalue is vulnerable to denial of service due to memory exhaustion in devalue.parse - CVE-2026-22774
- Tags:
- npm
- parse-server
Anything's wrong? Let us know Last updated on January 08, 2023