Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-11358 PoC — jQuery 跨站脚本漏洞

Source
https://github.com/isacaya/CVE-2019-11358
Associated Vulnerability
Title:jQuery 跨站脚本漏洞 (CVE-2019-11358)
Description:jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Readme
# CVE-2019-11358 (Prototype Pollution)
A simple poc of prototype pollution that occurs in the jQuery's (<3.4.0) extension method.
* The first argument(deep) in the extend method must be true.
File Snapshot

 [4.0K]  /data/pocs/6b92f686c0ad2de57eba0ec356a033012ef53565
├── [ 521]  PoC.html
└── [ 192]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →