You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We found that a maliciously crafted json can bypass the validation logics of jpv.
The vulnerability is from the following code: jpv leverages the built-in constructor of unsafe user-input to detect type information. However, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
We found that a maliciously crafted json can bypass the validation logics of jpv.
The vulnerability is from the following code: jpv leverages the built-in constructor of unsafe user-input to detect type information. However, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
jpv/index.js
Lines 117 to 125 in e93d2f6
Reproduce Script
The text was updated successfully, but these errors were encountered: