EPSS
Percentile
65.1%
oro/platform is vulnerable to prototype pollution. An attacker is able to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__, constructor[prototype], and constructor.prototype.
__proto__
constructor[prototype]
constructor.prototype
github.com/oroinc/platform/commit/62c26936b3adee9c20255dcd9f8ee5c299b464a9
github.com/oroinc/platform/security/advisories/GHSA-jx5q-g37m-h5hj