Skip to content

prototype override protection bypass problem still exists. #200

New issue
New issue
Closed
#201
Closed
prototype override protection bypass problem still exists.#200
#201
Labels
bugparsesecurity
@myvyang

Description

@myvyang
myvyang
opened on Mar 2, 2017

as the bug https://snyk.io/vuln/npm:qs:20170213 report fixed, but the other bypass

a = qs.parse("[=toString", {allowPrototypes: false})
// { toString: true }

still exists.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugparsesecurity

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions