Prototype Pollution

Lab: DOM XSS via client side prototype pollutionLab: DOM XSS via an alternative prototype pollution vectorLab: Client side prototype pollution via flawed sanitizationLab: Client side prototype pollution in third party librariesLab: Client side prototype pollution via browser APIsLab: Privilege escalation via server side prototype pollutionLab: Detecting server side prototype pollution without polluted property reflectionLab: Bypassing flawed input filters for server side prototype pollutionLab: Remote code execution via server side prototype pollutionLab: Exfiltrating sensitive data via server side prototype pollution
PreviousLab: Performing CSRF exploits over GraphQLNextLab: DOM XSS via client side prototype pollution