Prototype pollution is a class of vulnerabilities in
JavaScript runtimes that allows attackers to overwrite arbitrary properties in an object's prototype.[1][2][3]
References
^Li, Song; Kang, Mingqing; Hou, Jianwei; Cao, Yinzhi (2021-08-18). "Detecting Node.js prototype pollution vulnerabilities via object lookup analysis". Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2021. New York, NY, USA: Association for Computing Machinery. pp. 268–279.
doi:10.1145/3468264.3468542.
ISBN978-1-4503-8562-6.
Prototype pollution is a class of vulnerabilities in
JavaScript runtimes that allows attackers to overwrite arbitrary properties in an object's prototype.[1][2][3]
References
^Li, Song; Kang, Mingqing; Hou, Jianwei; Cao, Yinzhi (2021-08-18). "Detecting Node.js prototype pollution vulnerabilities via object lookup analysis". Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2021. New York, NY, USA: Association for Computing Machinery. pp. 268–279.
doi:10.1145/3468264.3468542.
ISBN978-1-4503-8562-6.