🐊Prototype pollution
https://portswigger.net/web-security/learning-paths/prototype-pollution
Prototype pollution is a JavaScript vulnerability that enables an attacker to add arbitrary properties to global object prototypes, which may then be inherited by user-defined objects.
Reminder on JavaScript Objects:
A JavaScript object is essentially just a collection of key:value
pairs known as "properties".
Some JavaScript properties can execute functions:
Last updated