Severity: Low2019-10-29 17:48:14
CVE-2019-11358 allow intruders to extend the native Object.prototype
when
an unsanitized source object contained an enumerable __proto__
property.
Product | Severity | Fixed Release Availability |
Oxygen XML Editor | Low | Resolved |
Oxygen XML Developer | Low | Resolved |
Oxygen XML Author | Low | Resolved |
Oxygen WebHelp | Low | Resolved |
CVE-2019-11358
Severity: Low
CVSS Score: 4.3
jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...)
because of
Object.prototype
pollution. If an unsanitized source object contained an
enumerable __proto__
property, it could extend the native
Object.prototype
.
This website was created & generated with <oXygen/>®XML Editor