backbone-query-parameters is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__
, constructor
and prototype
.
CPE | Name | Operator | Version |
---|---|---|---|
backbone-query-parameters | eq | 0.4.0 | |
backbone-query-parameters | le | 0.4.0 |