logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Gareth Heyes
2023-02-15

tldr - powered by Generative AI

The presentation discusses the detection and prevention of Prototype Pollution vulnerabilities in JavaScript applications.
  • Prototype Pollution vulnerabilities can be exploited to execute malicious code in JavaScript applications
  • The Prototype Pollution scanner can be used to detect and prevent these vulnerabilities
  • Object.freeze or seal methods can be used to protect against Prototype Pollution
  • Inherited properties in parameter names or values can be used to leak JavaScript native code
  • Detection of JavaScript engines can be done by looking for specific inherited properties