| Brand-new prototype pollution gadget in MongoDB leading to RCE |
|
|
|
| Hunting for Prototype Pollution gadgets in jQuery (intigriti 0124 challenge) |
|
|
|
| When not to rely on Automated Tools |
|
|
|
| New Vulnerability in protobufjs: Prototype Pollution - CVE-2023-36665 |
|
|
|
| Prototype Pollution in xml2js |
|
|
|
| A successful prototype pollution chained to a DOM XSS |
|
|
|
| Vulnerability write-up - "Dangerous assumptions" |
|
|
|
| Prototype Pollution in Python |
|
|
|
| Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js |
|
|
|
| But You Told Me You Were Safe: Attacking The Mozilla Firefox Renderer (Part 1) |
|
|
|
| Mining Node.js Vulnerabilities via Object Dependence Graph and Query |
|
|
|
| Remote Code Execution via Prototype Pollution in Blitz.js |
|
|
|
| Widespread prototype pollution gadgets |
|
|
|
| Prototype Pollution in fast-xml-parser |
|
|
|
| Insufficient Redirect URI validation: The risk of allowing to dynamically add arbitrary query parameters and fragments to the redirect_uri |
|
|
|
| "A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild |
|
|
|
| Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge |
|
|
|
writeups.xyz
/
Prototype Pollution