cve/CVE-2023-0842.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the proto property to be edited.

POC

Reference

No PoCs from references.

Github

https://github.com/cristianovisk/intel-toolkit
https://github.com/seal-community/patches

750 B Raw Blame History

CVE-2023-0842

Description

POC

Reference

Github

750 B

Raw Blame History