Описание
A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. NOTE: the Supplier disputes this because they found that the lib.setValue function is not utilized.
EPSS
Процентиль: 45%
0.00224
Низкий
7.5 High
CVSS3
Дефекты
CWE-1321
Связанные уязвимости
CVSS3: 7.5
github
около 1 года назад
A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
EPSS
Процентиль: 45%
0.00224
Низкий
7.5 High
CVSS3
Дефекты
CWE-1321