Description Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. Remediation References CVE-2020-8203 Related Vulnerabilities Oracle JRE CVE-2012-5070 Vulnerability (CVE-2012-5070) WordPress 6.5 Cross-Site Scripting (6.5) IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9973) ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2044) Jetty Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-5046) Severity High Classification CVE-2020-8203 CWE-1321 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H Tags Missing Update Known Vulnerabilities