set-or-get is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes in function SetOrGet
and modify attributes such as __proto__
, constructor
and prototype
.
CPE | Name | Operator | Version |
---|---|---|---|
set-or-get | le | 1.2.10 |