CVE-2020-7643

Published April 23rd, 2020

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

Ideame/paypal-adaptive-sdk-nodejs

Node.js sdk for Paypal Adaptive Payments API

GitHub