Leon Sorokin

1 exploit Active since Oct 2024
CVE-2024-21489 WRITEUP HIGH WRITEUP
uplot < 1.6.31 - Prototype Pollution via uplot.assign Function
Versions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assign function due to missing check if the attribute resolves to the object prototype.
CVSS 8.2