Proof of concept
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
16 Feb 2022
24 Jan 2022
Alessio Della Libera of Snyk Research Team
How to fix?
litespeed.js to version 0.3.12 or higher.
Affected versions of this package are vulnerable to Prototype Pollution. When parsing the query string in the
getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability.
add the following query string
open the browser developer console. The property