May 25, 2024 · Successful exploitation of prototype pollution requires three key components: A Prototype Pollution Source: This is any input that enables an attacker to poison prototype …

Oct 15, 2020 · Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such …

Oct 29, 2020 · This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options …

Oct 29, 2020 · This vulnerability affects the package chart.js before version 2.9.4. The issue lies in the improper sanitization of the options parameter during processing. When options are …

Oct 29, 2020 · This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options …

Oct 29, 2020 · A vulnerability was found in chart.js up to 2.9.3. It has been classified as critical. This vulnerability is uniquely identified as CVE-2020-7746. It is recommended to upgrade the …

This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the defaults …

May 10, 2021 · Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability. Attack complexity: More severe for the …

I would like to report a prototype pollution vulnerability in chart.js It allows an attacker to inject properties on Object.prototype which can for some applications lead to XSS.

chart.js is a Simple HTML5 charts using the canvas element. Affected versions of this package are vulnerable to Prototype Pollution. The options parameter is not properly sanitized when it …