Merge pull request #10053 from 418sec/1-npm-mongoose

Security Fix for Prototype Pollution - huntr.dev
Automattic · Mar 22, 2021 · 91f003a · 91f003a
2 parents 00e059d + 3ed44ff
commit 91f003a
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/lib/schema.js b/lib/schema.js
@@ -466,6 +466,11 @@ Schema.prototype.add = function add(obj, prefix) {
   }
 
   prefix = prefix || '';
+  // avoid prototype pollution
+  if (prefix === '__proto__.' || prefix === 'constructor.' || prefix === 'prototype.') {
+        return this;
+  }
+
   const keys = Object.keys(obj);
 
   for (const key of keys) {