Prototype Pollution in Xdan Jodit
CVE-2026-55886
Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.set(chain, value, obj), which walks the dot…
Vulnerability class: Prototype Pollution
Affected products
- Xdan Jodit — versions < 4.12.26
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)