xml2js 0.4.23 - Prototype Pollution
Description
Prototype Pollution in xml2js <=0.4.23 via unvalidated JSON keys allows attackers to inject or modify object properties.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Root Cause
The xml2js library, up to version 0.4.23, is vulnerable to Prototype Pollution. The parser fails to validate incoming JSON keys during XML-to-JSON conversion, allowing an attacker to inject a __proto__ property into the resulting object [1][2][4]. This is a classic JavaScript prototype pollution flaw: by setting __proto__ on a parsed object, an attacker can add or overwrite properties on all objects of that type, because the polluted property propagates through the prototype chain [4].
Exploitation
An external attacker can craft a malicious XML payload that, when parsed by xml2js, produces a JSON object containing a __proto__ key. Since the library does not sanitize or prevent the assignment of __proto__, the attacker effectively pollutes the base Object.prototype [2][4]. No authentication or special privileges are required; the vulnerability is triggered simply by parsing attacker-controlled XML input.
Impact
Successful exploitation allows the attacker to edit or add arbitrary properties to any JavaScript object in the application's runtime. This can lead to a variety of severe security consequences, including denial of service, arbitrary code execution, or bypassing security checks [4].
Mitigation
As of the publication date (April 2023), no official patch had been released [4]. The fixed version should use Object.create(null) to create parsed objects without a prototype, as suggested in a related pull request [3]. Users are advised to update to a patched version once available, or apply workarounds such as sanitizing XML input or using a different XML parser.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| xml2js (npm) | < 0.5.0 | 0.5.0 |
Affected products
- xml2js/xml2js
Patches
1cf3e061e22e9New release, 0.6.2
2 files changed · +3 −3
package.json+1 −1 modified@@ -6,7 +6,7 @@ "json" ], "homepage": "https://github.com/Leonidas-from-XIV/node-xml2js", - "version": "0.6.1", + "version": "0.6.2", "author": "Marek Kubica <marek@xivilization.net> (https://xivilization.net)", "contributors": [ "maqr <maqr.lollerskates@gmail.com> (https://github.com/maqr)",
package-lock.json+2 −2 modified@@ -1,12 +1,12 @@ { "name": "xml2js", - "version": "0.6.1", + "version": "0.6.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "xml2js", - "version": "0.6.1", + "version": "0.6.2", "license": "MIT", "dependencies": { "sax": ">=0.6.0",
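Review bot: The two hunks change only the version string from 0.6.1 to 0.6.2 in package.json and package-lock.json; no sanitization or key-filtering change is present in this diff, so a reader verifying the prototype pollution fix cannot do so from these hunks alone. The commit message "New release, 0.6.2" should reference the commit that carries the actual parser change, so the release can be traced to its fix.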
Vulnerability mechanics
Root cause
"The xml2js library does not validate or sanitize XML element names, allowing an attacker to set the __proto__ property on the resulting JavaScript object, which leads to prototype pollution."
Attack vector
An attacker crafts a malicious XML document containing an element named `__proto__` with a nested child element (e.g., `__proto__ > polluted`). When xml2js parses this XML and converts it to a JavaScript object, the library assigns the nested value directly to the object's `__proto__` property without filtering. This pollutes the prototype chain of all objects in the application, enabling the attacker to inject arbitrary properties. The attack requires no authentication and can be delivered over any network path where the application accepts XML input for parsing.
Affected code
The vulnerability exists in the XML-to-JSON conversion logic of the xml2js library (versions prior to 0.6.2). The specific parser function that maps XML element names to JavaScript object keys does not filter out dangerous property names like `__proto__`. The patch shown in [patch_id=1641143] only updates version metadata; the actual code fix is in a separate commit not included in this bundle.
What the fix does
The patch shown in [patch_id=1641143] only bumps the version number from 0.6.1 to 0.6.2 in package.json and package-lock.json. The actual fix for the prototype pollution vulnerability is not visible in this diff — the version bump indicates a new release was cut, but the repository's commit history would contain the substantive sanitization logic elsewhere. The fix likely involves filtering or rejecting keys named `__proto__`, `constructor`, or `prototype` during XML-to-object conversion to prevent prototype pollution.
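One way to implement either mitigation named here and in the Mitigation section above (Object.create(null) for parsed objects, or rejecting `__proto__`, `constructor` and `prototype` as keys), as an added example that is not xml2js's own code; the element tree shape and all function names are assumptions.

```javascript
// Added example (not xml2js's own code): the two mitigations the advisory names,
// applied to a simplified element-name-to-object-key mapping step. The input
// is a constructed element tree { name, text, children } standing in for what
// an XML parser would hand to the conversion logic.

const DANGEROUS_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Strategy 1: reject element names that address the prototype chain before they
// become object keys. Ordinary objects are kept, so consumers see no change.
function toObjectFiltered(el) {
  if (el.children.length === 0) return el.text;
  const out = {};
  for (const child of el.children) {
    if (DANGEROUS_KEYS.has(child.name)) {
      throw new Error(`rejected unsafe element name: ${child.name}`);
    }
    out[child.name] = toObjectFiltered(child);
  }
  return out;
}

// Strategy 2 (Object.create(null), as suggested in the referenced pull request):
// a null-prototype object has no inherited __proto__ accessor, so assigning that
// key creates a plain own property and never reaches Object.prototype.
function toObjectNullProto(el) {
  if (el.children.length === 0) return el.text;
  const out = Object.create(null);
  for (const child of el.children) {
    out[child.name] = toObjectNullProto(child);
  }
  return out;
}

// Defender's check after parsing untrusted input: has a property appeared on
// the shared Object.prototype that nobody defined there?
function isPrototypePolluted(key) {
  return Object.prototype.hasOwnProperty.call(Object.prototype, key);
}

// Constructed tree for <root><__proto__><polluted>yes</polluted></__proto__></root>,
// the element shape the advisory describes.
const CONSTRUCTED_TREE = {
  name: 'root', text: '',
  children: [{
    name: '__proto__', text: '',
    children: [{ name: 'polluted', text: 'yes', children: [] }],
  }],
};
```

Running `toObjectNullProto(CONSTRUCTED_TREE)` yields an object whose `__proto__` is an ordinary own property, while `({}).polluted` stays undefined; `toObjectFiltered` throws on the same input.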
Preconditions
- Input: The application must accept and parse attacker-controlled XML input using xml2js.
- Network: The attacker must be able to send a crafted XML payload to the application (e.g., via HTTP request body).
Generated on May 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.2 (patch)
- fluidattacks.com/advisories/myers/ (third-party advisory)
- github.com/advisories/GHSA-776f-qx25-q3cc (advisory)
- nvd.nist.gov/vuln/detail/CVE-2023-0842 (advisory)
- fluidattacks.com/advisories/myers (web)
- github.com/Leonidas-from-XIV/node-xml2js/issues/663 (web)
- github.com/Leonidas-from-XIV/node-xml2js/pull/603/commits/581b19a62d88f8a3c068b5a45f4542c2d6a495a5 (web)
- lists.debian.org/debian-lts-announce/2024/03/msg00013.html (mailing list)