PT-2024-40155 · Saltcorn · Saltcorn

Published: 2024-10-03 · Updated: 2024-10-03

CVSS v4.0: 7.3 (High)

Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Name of the Vulnerable Software and Affected Versions: Saltcorn versions prior to a fixed version are affected, but the exact fixed version is not specified.
Description: The issue arises from the unsafe use of the lang and defstring parameter values in the /site-structure/localizer/save-string/:lang/:defstring endpoint, allowing for the pollution of the Object prototype. This can lead to several logic issues, including remote code execution (RCE) vulnerabilities by polluting the tempRootFolder property and SQL injection vulnerabilities by polluting the schema property when using a PostgreSQL database.
Recommendations: As a temporary workaround, consider validating and sanitizing the lang and defstring parameters to prevent pollution of the Object prototype. Restrict access to the /site-structure/localizer/save-string/:lang/:defstring endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
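
The parameter validation recommended above, shown beside the unsafe pattern, as an added example that is not Saltcorn's code. The store layout (store[lang][defstring]), the function names and the locale allowlist are assumptions made for illustration; all inputs are constructed.

```javascript
// Added example: hypothetical handler logic, not Saltcorn's code.
// Keys that reach Object.prototype or a constructor when used as property names.
const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Pattern the advisory describes: both URL parameters become nested keys.
function saveStringUnsafe(store, lang, defstring, value) {
  if (!store[lang]) store[lang] = {};
  store[lang][defstring] = value; // store["__proto__"] is Object.prototype
  return store;
}

// Hardened form: allowlisted locale, rejected magic keys, null-prototype maps.
function saveStringSafe(store, allowedLangs, lang, defstring, value) {
  for (const v of [lang, defstring, value]) {
    if (typeof v !== "string") throw new TypeError("string expected");
  }
  if (!allowedLangs.has(lang)) throw new RangeError("unknown locale: " + lang);
  if (FORBIDDEN_KEYS.has(defstring)) throw new RangeError("reserved key");
  if (!Object.prototype.hasOwnProperty.call(store, lang)) {
    store[lang] = Object.create(null); // no prototype chain to walk into
  }
  store[lang][defstring] = value;
  return store;
}

// Runs both handlers on constructed input and reports what leaked.
function demo() {
  const result = {};
  saveStringUnsafe({}, "__proto__", "tempRootFolder", "/constructed/path");
  result.unsafePolluted = {}.tempRootFolder === "/constructed/path";
  delete Object.prototype.tempRootFolder; // undo the pollution

  const store = Object.create(null);
  const allowed = new Set(["en", "de"]); // constructed locale list
  try {
    saveStringSafe(store, allowed, "__proto__", "tempRootFolder", "/constructed/path");
    result.safeRejected = false;
  } catch (e) {
    result.safeRejected = e instanceof RangeError;
  }
  result.safePolluted = "tempRootFolder" in {};
  saveStringSafe(store, allowed, "de", "Hello", "Hallo");
  result.saved = store.de.Hello;
  return result;
}

console.log(demo());
```

Every fresh object inherits the property after the unsafe write, which is why unrelated code that reads an unset option such as tempRootFolder or schema picks up the polluted value.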

Prototype Pollution

Weakness Enumeration

Related Identifiers

GHSA-78P3-FWCQ-62C2

Affected Products

Saltcorn