EPSS
Percentile
38.8%
sds is vulnerable to prototype pollution.The vulnerability exists due to an incomplete of CVE-2020-7618 where an injection of attributes can pollute the properties of the Object.prototype by the attacker using the set function in js/set.js,
Object.prototype
set
js/set.js
github.com/monsterkodi/sds/blob/master/js/set.js
github.com/monsterkodi/sds/blob/master/js/set.js#L31