RSS   Vulnerabilities for 'Confinit'   RSS

2020-04-06
 
CVE-2020-7638

CWE-20
 

 
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.

 


Copyright 2024, cxsecurity.com

 

Back to Top