8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-20087

GHSA ID

GHSA-xg68-chx2-253g

EPSS Score

0.65791%

CWE

CWE-1321

Published

5/24/2021

Updated

2/1/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-20087

CVE-2021-20087: Prototype Pollution in jquery-deparam

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam allows a malicious user to inject properties into Object.prototype.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-20087

GHSA ID

GHSA-xg68-chx2-253g

EPSS Score

0.65791%

CWE

CWE-1321

Published

5/24/2021

Updated

2/1/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
jquery-deparam	npm	<= 0.5.3

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

Improp*rly *ontroll** Mo*i*i**tion o* O*j**t Prototyp* *ttri*ut*s ('Prototyp* Pollution') in jqu*ry-**p*r*m *llows * m*li*ious us*r to inj**t prop*rti*s into O*j**t.prototyp*.

Reasoning

No *n*lysis *v*il**l*

8.8

Basic Information

Concerned about an active attack path?

CVE-2021-20087: Prototype Pollution in jquery-deparam

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI