Vulnerabilities > CVE-2021-20085 - Unspecified vulnerability in Backbone-Query-Parameters Project Backbone-Query-Parameters 0.4.0

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
backbone-query-parameters-project

Summary

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype.

Vulnerable Configurations

Part Description Count
Application
Backbone-Query-Parameters_Project
1