Description
In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.
Remediation
References
https://github.com/nasa/openmct/compare/v3.0.2...v3.1.0
https://github.com/nasa/openmct/pull/7094/commits/545a1770c523ecc3410dca884c6809d5ff0f9d52
https://nasa.github.io/openmct/
https://www.linkedin.com/pulse/prototype-pollution-nasas-open-mct-cve-2023-45282
Related Vulnerabilities
CVE-2019-19771 Vulnerability in npm package commanedr
CVE-2022-29078 Vulnerability in npm package ejs
CVE-2020-5229 Vulnerability in maven package org.opencastproject:opencast-common-jpa-impl
CVE-2022-43183 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2022-20612 Vulnerability in maven package org.jenkins-ci.main:jenkins-core