EPSS
Percentile
79.9%
confucious is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/Real-Serious-Games/confucious/blob/v0.0.12/confucious.js#L28-L50