PT-2021-13766 · Unknown · Mootools-More
Published
2021-04-23
·
Updated
2023-08-08
·
CVE-2021-20088
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
mootools-more version 1.6.0
Description:
The issue is related to 'Prototype Pollution' where a malicious user can inject properties into Object.prototype due to improperly controlled modification of object prototype attributes.
Recommendations:
For mootools-more version 1.6.0, update to a version that fixes the 'Prototype Pollution' issue to prevent malicious users from injecting properties into Object.prototype.
Exploit
Fix
Prototype Pollution
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mootools-More