Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js

Prototype pollution is a dangerous vulnerability affecting prototype-based
languages like JavaScript and the Node.js platform. It refers to the ability of
an attacker to inject properties into an object’s root prototype at runtime and
subsequently trigger… Read more