A link is made between the object instance and its prototype (the __proto__ property, which contains basic functionalities such as toString, constructor and hasOwnProperty), and the properties and methods are found by walking up the chain of prototypes.
This vulnerability may lead to:
Remote code execution by forcing the code path that the attacker injects
The issue can be found in the source code on the server side.
The issue can be found in the source code on the client side.
Add __proto__ to the blacklist and do not copy this field.
Freeze Object.prototype using the Object.freeze() function. After that, the Object.prototype cannot be modified.
You can use an object without a prototype object, created with Object.create(null); then modifying the prototype will not be possible. The disadvantage is that such an object can break functionality elsewhere. For example, someone might want to call toString() on this object.
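The following added example (not code from the original page) puts a recursive merge that copies every key beside a hardened version that skips blocked keys and builds its containers with Object.create(null); it does not demonstrate Object.freeze(). The function names and the sample input are constructed for illustration, and blocking constructor and prototype in addition to __proto__ is an assumption that goes beyond the blacklist item above.

```javascript
// Constructed input. JSON.parse makes "__proto__" an ordinary own key.
const SAMPLE_INPUT = '{"__proto__": {"isAdmin": true}, "name": "guest"}';

// Keys that must never be copied (only __proto__ is named on the page).
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// "Before": copies every key. target["__proto__"] resolves to Object.prototype,
// so the recursion writes the nested fields onto the shared prototype.
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (typeof target[key] !== 'object' || target[key] === null) target[key] = {};
      unsafeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// "After": skips blocked keys, only descends into own properties, and creates
// nested containers without a prototype. Arrays are not special-cased here.
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      const own = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : null;
      const child = own !== null && typeof own === 'object' ? own : Object.create(null);
      target[key] = safeMerge(child, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runs both merges on the same input and reports what happened.
function runDemo() {
  const out = {};
  unsafeMerge({}, JSON.parse(SAMPLE_INPUT));
  out.unsafePolluted = ({}).isAdmin === true; // an unrelated object inherits isAdmin
  delete Object.prototype.isAdmin;            // undo the pollution before continuing
  const merged = safeMerge(Object.create(null), JSON.parse(SAMPLE_INPUT));
  out.safePolluted = ({}).isAdmin === true;
  out.name = merged.name;
  out.hasToString = typeof merged.toString === 'function'; // the toString() caveat
  return out;
}
```

Because the merged result has no prototype, code that needs toString() or hasOwnProperty() on it has to call them through Object.prototype explicitly.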