Описание
Injection in bodymen
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a proto payload.
Пакеты
Наименование
bodymen
npm
Затронутые версииВерсия исправления
< 1.1.1
1.1.1
Связанные уязвимости
CVSS3: 6.3
nvd
почти 6 лет назад
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.