Headline
GHSA-4xcx-cwrq-w792: Prototype Pollution in NASA Open MCT
In NASA Open MCT (aka openmct) before commit 545a177 is subject to a prototype pollution which can occur via an import action.
Prototype Pollution in NASA Open MCT
Moderate severity GitHub Reviewed Published Oct 6, 2023 to the GitHub Advisory Database • Updated Oct 9, 2023
Related news
CVE-2023-45281: Yamcs v5.8.6 Vulnerability Assessment
An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.
CVE-2023-45282: Protect against prototype pollution in import action by davetsay · Pull Request #7094 · nasa/openmct
In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype pollution can occur via an import action.