Imagine this: You're browsing your favourite online shop, adding those must-have items to your cart, when suddenly, a hacker decides to crash your ...
Okay this is what I call quality content🔥
Thank you :)
Glad you liked it
Crazy that libs like jQuery and Lodash had been affected by it!
Could a functional style of programming limit the existence of this vuln?
Huh! Good food for thought.
Maybe a topic for another blog. 😉
Always 50% off sale going on?
Has this ever been an IRL concern outside some reported vulns?
Of course it is. Prototype pollution can lead to more severe attacks like XSS, RCE, bypassing authentication, request forgery and the list goes on. And prototype pollution is very easy to exploit as we saw in this blog. :)
Didn't know about this. Brilliant!
The more you know :)
Now, this is cool!
Thank you :)
That's great if you want to have a rock solid frontend, free of probable scams or phishing using this, but I'd add a clarification that this will never work if there are server-side checks on all items, discount codes and prices... no one in their right mind would trust a price value coming from the frontend.
What an amazing read, brother 🔥
Waiting for next one