Multi-Ini · Multi-Ini · CVE-2020-28460
**Name of the Vulnerable Software and Affected Versions**
multi-ini versions prior to 2.1.2
**Description**
The issue allows an object's prototype to be polluted by specifying the constructor.proto object as part of an array, effectively bypassing a previous security measure.
**Recommendations**
For versions prior to 2.1.2, update to version 2.1.2 or later to resolve the issue.