CVE-2019-11358
jquery-rails Moderate
Other
Discovered 12 months ago
Published over 2 years ago
Category: Other
Severity: Moderate

jQuery before 3.4.0 mishandles jQuery.extend(true, {}, …) because of bject.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
n/a n/a n/a n/a n/a n/a
Patched Versions

>= 4.3.4

Unaffected Versions

n/a

References

n/a