-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| express-xss-sanitizer | npm | < 1.1.3 | 1.1.3 |
Miggo AIRoot Cause AnalysisThe vulnerability stems from improper prototype pollution protections in options handling. The pre-patch code in lib/sanitize.js checked 'if (Array.isArray(options.allowedTags)...' without first verifying the property exists directly on the options object using Object.hasOwn(). This allowed attackers to pollute Object.prototype.allowedTags to bypass sanitization. The commit added Object.hasOwn() checks to prevent prototype chain pollution, confirming this was the vulnerable function. The added test case demonstrates prototype pollution via Object.prototype.allowedTags manipulation that was possible before this fix.
JavaScriptJavaScriptOngoing coverage of React2Shell