Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2023-26136 MEDIUM

Tough-Cookie <4.1.3 - Prototype Pollution

CVE-2023-26135 HIGH

flatnest - Info Disclosure

CVE-2023-36475 CRITICAL

Parse Server <5.5.2, 6.2.1 - RCE

CVE-2023-26133 HIGH

progressbar.js - Info Disclosure

CVE-2023-26132 HIGH

Package dottie <2.0.4 - Info Disclosure

CVE-2023-2972 CRITICAL

Antfu Utils < 0.7.3 - Prototype Pollution

CVE-2023-32305 HIGH

Aiven < 1.1.9 - Prototype Pollution

CVE-2023-2582 MEDIUM

Strikingly - Prototype Pollution

CVE-2023-30857 LOW

Aedart Ion < 0.6.1 - Prototype Pollution

CVE-2023-30363 CRITICAL

Tencent Vconsole < 3.15.1 - Prototype Pollution

CVE-2023-30533 HIGH

Sheetjs < 0.19.3 - Prototype Pollution

CVE-2023-26122 HIGH

safe-eval - Sandbox Bypass

CVE-2023-26121 HIGH

safe-eval - Info Disclosure

CVE-2023-0842 MEDIUM

Xml2js < 0.5.0 - Prototype Pollution

CVE-2023-28427 HIGH

matrix-js-sdk <24.0.0 - Info Disclosure

CVE-2023-28103 HIGH

Matrix-react-sdk < 3.69.0 - Prototype Pollution

CVE-2023-26113 HIGH

collection.js <6.8.1 - Info Disclosure

CVE-2023-26106 HIGH

dot-lens - Info Disclosure

CVE-2023-26105 HIGH

Package Utilities - Prototype Pollution

CVE-2023-26102 HIGH

Rangy - Info Disclosure

CVE-2023-23917 HIGH

Rocket.Chat server <5.2.0 - RCE

CVE-2022-36060 HIGH

matrix-react-sdk <3.53.0 - DoS

CVE-2022-36059 HIGH

matrix-js-sdk <19.4.0 - Info Disclosure

CVE-2022-3901 HIGH

Visioglobe Visioweb - Prototype Pollution

CVE-2022-4742 MEDIUM

Json-pointer < 2022-2-17 - Prototype Pollution

Previous Page 9 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy