Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
*Sourced from The GitHub Security Advisory Database.* > **High severity vulnerability that affects angular** > In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. > > Affected versions: ["< 1.7.9"] This is similar to pull request #1229 but needed a manual patch since this is part of the deprecated bower dependency management.
- Loading branch information