CVE-2025-57324
24.09.2025, 21:15
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.