Description
vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts.
Remediation
References
https://cwe.mitre.org/data/definitions/1321.html
https://github.com/Tencent/vConsole/issues/616
Related Vulnerabilities
CVE-2020-28434 Vulnerability in npm package gitblame
CVE-2022-36893 Vulnerability in maven package org.jenkins-ci.plugins:rpmsign-plugin
CVE-2019-11002 Vulnerability in maven package org.webjars.npm:materialize-css
CVE-2021-46366 Vulnerability in maven package info.magnolia:magnolia-core
CVE-2020-10705 Vulnerability in maven package io.undertow:undertow-core