Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Joomla Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability - CVE-2019-11358 - Vulnerability Database
Joomla

Joomla Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability - CVE-2019-11358

Medium
Reference: CVE-2019-11358
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-11358
Title: Joomla Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability
Overview:

jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype.