Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203)

Description

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

Remediation

References

Related Vulnerabilities

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.29)

WordPress Plugin PWAMP PHP Object Injection (1.0.0)

WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)

WordPress Plugin Essential Addons for Elementor Server-Side Request Forgery (2.9.8)

Django Other Vulnerability (CVE-2009-3695)

Severity

High

Classification

CVE-2020-8203 CWE-1321 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

Tags

Missing Update Known Vulnerabilities