GHSA-QQGX-2P2H-9C37 ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse
Overview The ini npm package before version 1.3.6 has a Prototype Pollution vulnerability. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. Patch...