CVE-2025-57320

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions json-schema-editor-visual versions through 1.1.1

Description A Prototype Pollution issue exists in the setData and deleteData functions. Attackers can inject or delete properties on Object.prototype by providing a crafted payload, potentially leading to a denial of service (DoS).

Recommendations Update json-schema-editor-visual to a version later than 1.1.1.

Exploit

Fix

DoS

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321

Related Identifiers

CVE-2025-57320

GHSA-3C3P-XH4F-PFH7

Affected Products

Json-Schema-Editor-Visual

CVE-2025-57320

Weakness Enumeration

Related Identifiers

Affected Products

References · 9