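// rfdc deep-clone factory created with proto: false
const clone = require('rfdc')({ proto: false });
// JSON.parse creates "__proto__" as an ordinary own property of x
const x = JSON.parse(`{"__proto__":{"isAdmin": true}}`);
const f = clone(x);
console.log(f); // {}
console.log(f.isAdmin); // true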
This code demonstrates how prototype poisoning can occur by cloning an object containing a __proto__ property with default permissions using the rfdc library. The isAdmin property is injected into the object's prototype.
Implications
Unauthorized Access: Users can gain elevated permissions without proper authorization.
Security Breach: Compromised data integrity and potential for privilege escalation.
Inconsistent Behavior: Application logic relying on permissions can be bypassed, leading to unpredictable behavior and security vulnerabilities.
Mitigation
Specifically check for keys like "__proto__", "prototype", "constructor".
Since this library has a lot of weekly downloads, there might be multiple use cases affected by this bug.
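One way to apply the key check described above, as an added example that is not rfdc's code or part of the original report. `naiveClone` and `safeClone` are hypothetical, simplified clone functions, and the payload is constructed to match the shape of the PoC input.

```javascript
// Added example: simplified stand-ins, not rfdc's actual source.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Naive deep clone: copies every own enumerable key by plain assignment.
// Assigning to the "__proto__" key triggers the Object.prototype setter,
// so the clone's prototype is replaced with data taken from the input.
function naiveClone(src) {
  if (src === null || typeof src !== 'object') return src;
  if (Array.isArray(src)) return src.map(naiveClone);
  const out = {};
  for (const key of Object.keys(src)) {
    out[key] = naiveClone(src[key]);
  }
  return out;
}

// Hardened deep clone: skips the keys named in the mitigation at every depth.
function safeClone(src) {
  if (src === null || typeof src !== 'object') return src;
  if (Array.isArray(src)) return src.map(safeClone);
  const out = {};
  for (const key of Object.keys(src)) {
    if (BLOCKED_KEYS.has(key)) continue; // drop prototype-related keys
    out[key] = safeClone(src[key]);
  }
  return out;
}

// Constructed input with the same shape as the PoC payload.
function demo() {
  const payload = JSON.parse('{"name":"guest","__proto__":{"isAdmin":true}}');
  const poisoned = naiveClone(payload);
  const clean = safeClone(payload);
  return {
    poisonedIsAdmin: poisoned.isAdmin,   // inherited from the swapped prototype
    poisonedOwnKeys: Object.keys(poisoned),
    cleanIsAdmin: clean.isAdmin,         // key was never copied
    cleanOwnKeys: Object.keys(clean),
    globalPolluted: ({}).isAdmin,        // Object.prototype itself is untouched
  };
}

console.log(demo());
```

Skipping these keys also drops legitimate fields that happen to be named `constructor` or `prototype`, so check whether the data being cloned relies on them.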