Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Prototype Pollution
Vulnerability Description
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
litespeed.js 安全漏洞
Vulnerability Description
litespeed.js是一个精简和快速的微型 JavaScript 框架。 litespeed.js 0.3.12之前版本存在安全漏洞,该漏洞源于getJsonFromUrl函数中解析查询字符串时,在结果对象中设置的键没有得到适当的清理,从而导致Prototype Pollution漏洞。
CVSS Information
N/A
Vulnerability Type
N/A