Severity: Low2019-10-29 17:48:14
CVE-2019-11358 allow intruders to extend the native Object.prototype
when
an unsanitized source object contained an enumerable __proto__
property.
Product | Severity | Fixed Release Availability |
Oxygen XML Editor | Low | Resolved |
Oxygen XML Developer | Low | Resolved |
Oxygen XML Author | Low | Resolved |
Oxygen WebHelp | Low | Resolved |
None
CVE-2019-11358
Severity: Low
CVSS Score: 4.3
jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...)
because of
Object.prototype
pollution. If an unsanitized source object contained an
enumerable __proto__
property, it could extend the native
Object.prototype
.
This issue was identified and responsibly reported by Stefan Vasile
If you require further assistance, or if you have any further questions regarding this security notice, please contact
This website was created & generated with <oXygen/>®XML Editor