Application Security Cheat Sheet

JavaScript Prototype Pollution

  • prototype-pollution-nsec18/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf at master · HoLyVieR/prototype-pollution-nsec18 (GitHub)
  • JavaScript prototype pollution: practice of finding and exploitation (Medium)
  • What is a Prototype Pollution vulnerability and how does page-fetch help? (Labs Detectify)
  • GitHub - BlackFan/client-side-prototype-pollution: Prototype Pollution and useful Script Gadgets (GitHub)

References

  • Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609)


Last updated 3 years ago