CVE

CVE-2017-1001003

CVE-2017-1001003

math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.

Source: CVE-2017-1001003

Exit mobile version