CVE-2020-5259
CVE-2020-5259 affects the dojox npm package where the jqMix method is vulnerable to prototype pollution. The root cause is the ability to inject properties into JavaScript prototypes, enabling an attacker to overwrite base object prototypes. The entry notes patches in versions 1.11.10, 1.12.8, 1....