CVE-2021-23444

This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function.
Configurations

Configuration 1

cpe:2.3:a:client:jointjs:*:*:*:*:*:node.js:*:*

Information

Published : 2021-09-21 05:15

Updated : 2021-10-02 02:12


NVD link : CVE-2021-23444

Mitre link : CVE-2021-23444

Products Affected
No products.
CWE