CVE-2018-16489

EPSS 1.8%CWE-400

A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions.

Affected products

HackerOne · just-extend

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/430291