CVE-2021-23444
This affects the package jointjs before 3.4.2.
A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function.
Source: CVE-2021-23444
CVE-2021-23444
This affects the package jointjs before 3.4.2.
A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function.
Source: CVE-2021-23444