EPSS
Percentile
42.0%
mpath is vulnerable to prototype pollution. An attacker is able to inject arbitrary properties into Object.prototype to add or modify the path values.
Object.prototype
hackerone.com/reports/390860