json-logic-js is vulnerable to Arbitrary Code Execution. The vulnerability exists in the jsonLogic
function of logic.js
due to improper sanitization to prevent prototype pollution in the operations
object, which allows an attacker to execute malicious code on the system.
CPE | Name | Operator | Version |
---|---|---|---|
json-logic-js | le | 2.0.0 | |
json-logic-js | le | 2.0.0 | |
json-logic-js | le | 2.0.0 | |
json-logic-js | le | 2.0.0 |