Play AppSec WarGames
Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.
The challenge shows a variant of JavaScript’s Prototype Pollution in Python. Specially crafted JSON input can tamper with existing classes and modify their behaviour.
I have implemented this vulnerability in the popular FastAPI framework.
Link to the challenge: Class Pollution.py
Give it a try and let us know what you think.
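An added illustration of the pattern the post describes, not the challenge's code or the author's: a recursive merge of parsed JSON into an object, beside an allow-listed version that refuses the same input. `User`, `unsafe_merge`, `safe_merge`, `ALLOWED_FIELDS` and the request body are constructed for this example, and it uses plain Python rather than FastAPI.

```python
import json

class User:
    role = "guest"  # class-level default shared by every instance

    def __init__(self, name):
        self.name = name

def unsafe_merge(src, dst):
    """Recursive merge that trusts every key, including dunder attributes."""
    for key, value in src.items():
        if isinstance(value, dict) and hasattr(dst, key):
            # Follows attacker-chosen attribute names, so "__class__"
            # leads from the instance to the class object itself.
            unsafe_merge(value, getattr(dst, key))
        else:
            setattr(dst, key, value)

ALLOWED_FIELDS = {"name"}  # assumption: the only client-settable field

def safe_merge(src, dst):
    """Validate the whole body first, then copy allow-listed scalar fields."""
    bad = [k for k, v in src.items()
           if k not in ALLOWED_FIELDS or not isinstance(v, str)]
    if bad:
        raise ValueError(f"rejected fields: {bad}")
    for key, value in src.items():
        setattr(dst, key, value)

# Constructed request body for the demonstration.
BODY = '{"name": "alice", "__class__": {"role": "admin"}}'

def demo():
    target, bystander = User("x"), User("bob")
    unsafe_merge(json.loads(BODY), target)
    polluted_role = bystander.role  # an object the request never touched
    User.role = "guest"             # restore the class default

    fresh = User("y")
    try:
        safe_merge(json.loads(BODY), fresh)
        rejected = False
    except ValueError:
        rejected = True
    return polluted_role, rejected, fresh.name, User.role

if __name__ == "__main__":
    print(demo())
```

The unsafe merge changes `role` for every `User`, including instances the request never referenced; the allow-listed merge rejects the body before any field is written.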
Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.