JavaScript Prototype Pollution

What is JavaScript Prototype Pollution

By using prototypes in JavaScript we are able to overwrite objects and make them execute malicious code.

When application is vulnerable to Prototype Pollution?

In order for application to be vulnerable to prototype pollution it has to implement merge / extend function which is used to modifying objects in the system.

Prototype vs proto

Prototype is a property of constructor functions. __proto__ is a property of objects.

// Car = class
// c = implementation of class (object)

Car.prototype.move === c.__proto__.move

Video Explaination

PreviousPost Exploitation NextUnderstand the vulnerability

Last updated 6 months ago

hashtagWhat is JavaScript Prototype Pollution

hashtagWhen application is vulnerable to Prototype Pollution?

hashtagPrototype vs __proto__

hashtagVideo Explaination

What is JavaScript Prototype Pollution

When application is vulnerable to Prototype Pollution?

Prototype vs proto

Video Explaination