Vulnerabilities > CVE-2019-10768 - Unspecified vulnerability in Angularjs Angular.Js

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
angularjs
NVD
Published: 2019-11-19
Updated: 2023-11-07

Summary

In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

Vulnerable Configurations

Part Description Count
Application
Angularjs
203

References