fix(security): fixed formToJSON prototype pollution vulnerability; (#6167)

2026-06-08 17:22:34 +03:00 · 2024-01-03 21:37:32 +02:00
parent 75af1cdff5
commit 3c0c11cade
2 changed files with 24 additions and 0 deletions
@@ -49,6 +49,9 @@ function arrayToObject(arr) {
 function formDataToJSON(formData) {
  function buildPath(path, value, target, index) {
    let name = path[index++];
+
+    if (name === '__proto__') return true;
+
    const isNumericKey = Number.isFinite(+name);
    const isLast = index >= path.length;
    name = !name && utils.isArray(target) ? target.length : name;