AngularJS - Prototype Pollution Vulnerability under 1.7.9
Impact area
Security
Severity
High
Affected element
ServiceNow
UI Script
Salesforce
Static Resource
Stat
Rule number
SN-JSL-003 (for ServiceNow)
SF-JSL-003 (for Salesforce)
Impact
Versions of AngularJS lower than 1.7.9 are vulnerable to Prototype Pollution attacks.
Remediation
Update angular.js to the latest version.
Time to fix
30 min
References
This rule is linked to CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution').