3 matches found
Prototype Pollution
plotly.js is vulnerable to Prototype pollution. The vulnerability is caused due to missing validation against the proto attribute and other internal getters and setters. An attacker can pollute the prototype with properties containing harmful values, which is subsequently used by application...
SUSE CVE-2016-1679
The ToV8Value function in content/child/v8valueconverterimpl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via...
Google Chrome Developer Tools vulnerability exploit-vulnerability warning-the black bar safety net
0x00 introduction The story originated in the Chromium source code in the named InjectedScriptSource.js files, this file is responsible for the console in the command execution. Maybe a lot of people would say: 【Wait! Why is the JavaScript in charge of the command execution,Chromium/Chrome is not...