A Prototype Pollution issue in Blackprint @blackprint/engine v.0.9.0 allows an attacker to execute arbitrary code via the _utils.setDeepProperty function of engine.min.js.
[
{
"cpes": [
"cpe:2.3:a:blackprint:blackprint_engine:0.9.0:*:*:*:*:*:*:*"
],
"vendor": "blackprint",
"product": "blackprint_engine",
"versions": [
{
"status": "affected",
"version": "0.9.0"
}
],
"defaultStatus": "unknown"
}
]