Overview
Verisons of morgan
before 1.9.1 are vulnerable to code injection when user input is allowed into the filter or combined with a prototype pollution attack.
Remediation
Update to version 1.9.1 or later.
Resources
Have content suggestions? Send them to [email protected]
Advisory timeline
Created
2018-11-09T19:08:17.215ZUpdated
2018-11-09T19:08:31.825Z