Prototype Pollution in rdf-graph-array through 0.3.0-rc6: Manipulation of JavaScript Objects via rdf.Graph.prototype.add
CVE-2019-10798 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype.
Learn more about our Web Application Penetration Testing UK.