Prototype Pollution in mithril
Affected versions of mithrilare vulnerable to prototype pollution. The function parseQueryString may allow a malicious user to modify the prototype of Object, causing the addition or modification of an existing property that will exist on all objects. A payload such as proto%5BtoString%5D=123 in the query string would change the toString() function to 123. If you are using mithril, upgrade to or later. If you are using mithril, upgrade to or …