Prototype Pollution
object-extend is vulnerable to prototype pollution. The vulnerability exists in extend function of extend.js which allows an attacker to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...