The taint flag is not propagated at JSON.parse vulnerability

Posted: Tue Nov 05, 2024 6:10 am
by Shane1145
Failure to propagate the taint flag in `JSON.parse` results in data from untrusted sources being processed without necessary validation, which can allow malicious data to spread unchecked within applications. This vulnerability is critical for preventing injection attacks and securing application data handling in web environments.

https://hackerone.com/reports/459084
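
The gap described in the post, shown as an added example that is not from the post or the linked report: a small JavaScript model of taint tracking in which one parse wrapper loses the taint mark and the other carries it onto every parsed string. `TaintedString`, `parseDroppingTaint`, `parsePropagatingTaint`, `validate` and `sink` are hypothetical names, and the model is an assumption for illustration, not the affected runtime's implementation.

```javascript
// Added illustration; every name here is hypothetical.
class TaintedString {
  constructor(value) { this.value = String(value); }
  toString() { return this.value; }
}
const isTainted = (v) => v instanceof TaintedString;

// The flaw: the input carries a taint mark, the parsed values do not.
function parseDroppingTaint(input) {
  return JSON.parse(String(input));
}

// The fix: when the source is tainted, mark every string the parser produces.
// Object keys, numbers and booleans are not tracked in this small model.
function parsePropagatingTaint(input) {
  const tainted = isTainted(input);
  return JSON.parse(String(input), (_key, val) =>
    tainted && typeof val === "string" ? new TaintedString(val) : val);
}

// Validation is the only way to turn a tainted value into a plain string.
function validate(value, pattern) {
  const s = String(value);
  if (!pattern.test(s)) throw new Error("validation failed");
  return s;
}

// A sensitive sink that refuses anything still marked as tainted.
function sink(value) {
  if (isTainted(value)) throw new Error("tainted value reached sink");
  return String(value);
}

// Constructed sample input standing in for an untrusted request body.
const body = new TaintedString('{"user":{"name":"alice"},"tags":["a","b"],"n":1}');

const dropped = parseDroppingTaint(body);   // taint lost: the sink accepts it
console.log(isTainted(dropped.user.name), sink(dropped.user.name));

const kept = parsePropagatingTaint(body);   // taint kept on nested strings
console.log(isTainted(kept.user.name), isTainted(kept.tags[1]));
try { sink(kept.user.name); } catch (e) { console.log(e.message); }
console.log(sink(validate(kept.user.name, /^[a-z]+$/)));
```

With the propagating parser, a nested string reaches the sink only after `validate` has returned a plain string for it.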