3 matches found
CVE-2021-43852
OroPlatform is a PHP Business Application Platform. In affected versions by sending a specially crafted request, an attacker could inject properties into existing JavaScript language construct prototypes, such as objects. Later this injection may lead to JS code execution by libraries that are...
CVE-2021-43852
CVE-2021-43852 (OroPlatform) : A prototype pollution flaw allows an attacker to inject properties into JavaScript prototypes (e.g., Object prototypes) via specially crafted requests, potentially enabling JS code execution by vulnerable libraries. The issue is mitigated by patching to version 4.2....
CVE-2021-43852 JavaScript Prototype Pollution in oro/platform
OroPlatform is a PHP Business Application Platform. In affected versions by sending a specially crafted request, an attacker could inject properties into existing JavaScript language construct prototypes, such as objects. Later this injection may lead to JS code execution by libraries that are...