AI Score
Confidence
Low
EPSS
Percentile
50.1%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue.
[
{
"cpes": [
"cpe:2.3:a:allpro:form-manager:0.7.4:*:*:*:*:*:*:*"
],
"vendor": "allpro",
"product": "form-manager",
"versions": [
{
"status": "affected",
"version": "0.7.4"
}
],
"defaultStatus": "unknown"
}
]