Description
A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.
Remediation
References
https://hackerone.com/reports/390860
Related Vulnerabilities
CVE-2022-23461 Vulnerability in npm package jodit
CVE-2020-15096 Vulnerability in maven package org.webjars.npm:electron
CVE-2012-1833 Vulnerability in maven package org.grails:grails-core
CVE-2021-41184 Vulnerability in maven package org.webjars:jquery-ui
CVE-2020-14966 Vulnerability in maven package org.webjars.bower:jsrsasign