EPSS
Percentile
69.0%
sails is vulnerable to prototype pollution. The function loadActionModules() allows an attacker to modify attributes such as __proto__, constructor and prototype.
loadActionModules()
__proto__
constructor
prototype
github.com/balderdashy/sails/blob/master/lib/app/private/controller/load-action-modules.js#L32
github.com/balderdashy/sails/issues/7209
github.com/Marynk/JavaScript-vulnerability-detection/blob/main/sailsJS%20PoC.zip