Invicti identified a potential Prototype Pollution vulnerability in the application.
Regular expressions identified fragments of code indicative of potentially vulnerable libraries. It's important to note that the webpage may not utilize all parts of the JavaScript file.
Attackers can manipulate object prototypes, leading to unexpected behavior, data tampering, and potential compromise of the application.
Use the Object.freeze() method on critical objects, such as Object.prototype, to prevent modification of properties and the addition of new properties. Alternatively, consider using Object.seal() if changes to existing property values are allowed.
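The difference between the two calls, as an added example that is not Invicti's code: a naive recursive merge processes a constructed JSON input containing a "__proto__" key, first with no protection, then with the prototype frozen, then sealed. The names naiveMerge and trial are hypothetical, and a stand-in prototype object is used in place of Object.prototype so the demonstration does not alter the running process.

```javascript
// Added example: naiveMerge and trial are hypothetical names, not Invicti code.
// A recursive merge that follows the "__proto__" key from untrusted JSON.
function naiveMerge(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    const existing = target[key];
    if (value !== null && typeof value === "object" &&
        existing !== null && typeof existing === "object") {
      naiveMerge(existing, value);   // "__proto__" resolves to the prototype
    } else {
      target[key] = value;           // TypeError in strict mode if write is refused
    }
  }
  return target;
}

// Runs the merge against a stand-in prototype (assumption: used instead of the
// real Object.prototype so the demo does not change the running process).
function trial(protect) {
  const proto = { role: "user" };
  if (protect) protect(proto);
  // Constructed sample input.
  const payload = JSON.parse('{"__proto__": {"role": "admin", "isAdmin": true}}');
  try {
    naiveMerge(Object.create(proto), payload);
  } catch (err) {
    if (!(err instanceof TypeError)) throw err; // strict mode: refused write throws
  }
  const fresh = Object.create(proto); // unrelated object sharing the prototype
  return { role: fresh.role, isAdmin: fresh.isAdmin === true };
}

console.log("unprotected:", trial(null));
console.log("frozen:     ", trial(Object.freeze));
console.log("sealed:     ", trial(Object.seal));
```

In an application the equivalent call is Object.freeze(Object.prototype), made at startup before any untrusted input is merged. Code that assigns an own property shadowing an inherited one (for example obj.toString = ...) will fail once the prototype is frozen, so test dependencies before enabling it.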