Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
jszip Vulnerability - CVE-2021-23413 - Vulnerability Database
jszip

jszip Vulnerability - CVE-2021-23413

Medium
Reference: CVE-2021-23413
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-23413
Title: jszip Vulnerability
Overview:

This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g __proto__ toString etc) results in a returned object with a modified prototype instance.