feathers-sequelize is vulnerable to prototype pollution. The vulnerability exists in the cleanQuery
method due to the use of insecure recursive logic to filter unsupported keys from the query object, which allows an attacker to inject malicious properties resulting in prototype pollution.
CPE | Name | Operator | Version |
---|---|---|---|
feathers-sequelize | le | 6.3.2 | |
feathers-sequelize | le | 6.3.2 |