CVE-2019-10781

Published January 22nd, 2020

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector.

schema-inspector/schema-inspector

Schema-Inspector is a simple JavaScript object sanitization and validation module.

GitHub

503