A Prototype Pollution issue in Blackprint @blackprint/engine 0.8.12 through 0.9.1 allows an attacker to execute arbitrary code via the _utils.setDeepProperty
function of engine.min.js
.
CPE | Name | Operator | Version |
---|---|---|---|
@blackprint/engine | lt | 0.9.2 | |
@blackprint/engine | ge | 0.8.12 |