Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
jszip Vulnerability - CVE-2021-23413 - Vulnerability Database
jszip

jszip Vulnerability - CVE-2021-23413

Medium
Reference: CVE-2021-23413
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-23413
Title: jszip Vulnerability
Overview:

This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g __proto__ toString etc) results in a returned object with a modified prototype instance.