Prototype Pollution vulnerability in jsgui-lang-essentials package

Prototype Pollution vulnerability in jsgui-lang-essentials package

CVE-2022-25301 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.

Learn more about our Web Application Penetration Testing UK.