![]() ![]() When calling fetch, there is an optional argument that accepts an object - this allows you to control headers, body parameters, etc. Functions that accept objects as arguments can be polluted just like any other object. ![]() I was quite surprised to discover that some JavaScript APIs in the browser contain prototype pollution gadgets. Prototype pollution gadgets in browser JavaScript APIs In this post we're going to talk about CSPP gadgets in browser APIs and how we found them in common libraries too. ![]() A way to use a poisoned prototype for an actual exploit, referred to as a prototype pollution gadget.A way to poison the prototype, referred to as a prototype pollution source.Just to recap, a successful CSPP exploit requires two components: If you're not already familiar with Client-Side Prototype Pollution, check out the post above. We recently launched a new version of DOM Invader that can find Client-Side Prototype Pollution (CSPP). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |