Description
In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.
Remediation
References
https://github.com/nasa/openmct/compare/v3.0.2...v3.1.0
https://github.com/nasa/openmct/pull/7094/commits/545a1770c523ecc3410dca884c6809d5ff0f9d52
https://nasa.github.io/openmct/
https://www.linkedin.com/pulse/prototype-pollution-nasas-open-mct-cve-2023-45282
Related Vulnerabilities
CVE-2018-14042 Vulnerability in npm package bootstrap
CVE-2022-23106 Vulnerability in maven package io.jenkins:configuration-as-code
CVE-2022-25766 Vulnerability in npm package ungit
CVE-2016-10531 Vulnerability in maven package org.webjars.bower:marked
CVE-2021-43116 Vulnerability in maven package com.alibaba.nacos:nacos-client