RSS   Vulnerabilities for 'SDS'   RSS

2020-04-07
 
CVE-2020-7618

CWE-20
 

 
sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'.

 


Copyright 2024, cxsecurity.com

 

Back to Top