Identifier

CVE-2020-7719

Package Slug

npm/locutus

Vulnerability

Improper Input Validation

Description

The locutus package is vulnerable to Prototype Pollution via the php.strings.parse_str function.

Affected Versions

All versions before 2.0.12

Solution

Upgrade to version 2.0.12 or above.

Last Modified

2020-09-03

source