EPSS
Percentile
79.9%
dot-notes is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/whitfin/dot-notes-js/blob/v3.2.0/lib/create.js#L19-L46