CVE-2024-12629
Progress Telerik KendoReact (versions 3.5.0–9.4.0) is affected by a prototype pollution vulnerability where an attacker can modify properties on the global prototype chain, potentially leading to denial of service or command injection. The root cause is manipulation of global prototypes, enabling...