Filtered by vendor Rangy Project Subscriptions
Filtered by product Rangy Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-26102 1 Rangy Project 1 Rangy 2024-11-21 7.5 High
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype