total.js is vulnerable to prototype pollution. The keys of the path being set are not properly sanitized, allowing for injection of arbitrary properties into existing construct prototypes and modification of attributes such as __proto__, constructor and prototype.
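The flaw class described above, shown as an unsanitized path setter beside a hardened one. This is an added example, not total.js code: setPathUnsafe, setPathSafe, demo and the sample paths are hypothetical names and inputs constructed for illustration.

```javascript
// Path segments that resolve to a prototype instead of plain data.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Unsafe (hypothetical): every segment is used as a property name unchecked.
function setPathUnsafe(target, path, value) {
  const keys = path.split('.');
  let node = target;
  for (const key of keys.slice(0, -1)) {
    if (node[key] === null || typeof node[key] !== 'object') node[key] = {};
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Hardened (hypothetical): validate all segments first, descend own properties only.
function setPathSafe(target, path, value) {
  const keys = path.split('.');
  for (const key of keys) {
    if (key === '' || BLOCKED_KEYS.has(key)) {
      throw new TypeError('rejected path segment: ' + JSON.stringify(key));
    }
  }
  let node = target;
  for (const key of keys.slice(0, -1)) {
    const own = Object.prototype.hasOwnProperty.call(node, key);
    if (!own || node[key] === null || typeof node[key] !== 'object') node[key] = {};
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

function demo() {
  const r = {};
  setPathUnsafe({}, '__proto__.polluted', true);
  r.unsafePolluted = ({}).polluted === true; // unrelated object inherits it
  delete Object.prototype.polluted;          // undo the global side effect
  try {
    setPathSafe({}, '__proto__.polluted', true);
    r.safeRejected = false;
  } catch (e) {
    r.safeRejected = e instanceof TypeError;
  }
  r.safePolluted = 'polluted' in {};
  r.normal = setPathSafe({}, 'user.profile.name', 'alice').user.profile.name;
  return r;
}
console.log(demo());
```

The hardened setter checks the whole path before writing anything, so a rejected path leaves the target unmodified.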