1 matches found
Prototype Pollution
convict is vulnerable to prototype pollution. The vulnerability exists in the convict function in main.js due to improper validation of attribute type which allows an attacker to crash the system by injecting arbitrary code...