2 matches found
Prototype Pollution
Rollbar.js is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object merging in the merge function when rollbar.configure is called with untrusted input, which allows an attacker to manipulate object prototypes and potentially alter application behavior...
GHSA-XCG2-9PP4-J82X rollbar vulnerable to Prototype Pollution in merge()
Impact Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches Fixed in 2.26.5 and 3.0.0-beta5. Workarounds Ensure that values passed to rollbar.configure do not contain untrusted input. References Fixe...