Hi
Just have a quick question from the MongoDB Database server end .
If we are running the MongoDB instance with authentication enabled , do we have any vulnerability with running javascriptProtection: false (I see that is the default - because we do not have anything specified on the mongod config by default but I do see this
db.adminCommand({getParameter:1,javascriptProtection:1})
**{ "javascriptProtection" : false}**
Does this impose any risk and can we leave this as is ?