billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
The attack involves injecting arbitrary properties into the prototype of a JavaScript object through the vulnerable generate function. The prototype pollution mechanism (CWE-1321) allows an attacker to modify global JavaScript objects, which can lead to changes in application behavior in ways not intended by developers. Since the attack vector is network-based, it does not require local access or special privileges, which significantly increases the risk of vulnerability exploitation.
An attacker can execute arbitrary code in the context of the application (RCE) or cause its unavailability by triggering a DoS error. In both cases, loss of confidentiality, integrity, and availability of data is possible.
billboard.js should be updated as soon as possible to version 3.15.1 or newer, in which the vulnerability has been removed. Detailed information is available at: https://cve.naver.com/detail/cve-2025-49223.html
Naver billboard.js in all versions before 3.15.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNaver Billboard.js
APPNaver< 3.15.1
Related vulnerabilities
billboard.js before 3.18.0 allows an attacker to execute malicious JavaScript due to improper sanitization dur...
RCE w Naver nGrinder — niebezpieczna deserializacja przez SnakeYAML
RCE przez niebezpieczną deserializację obiektów Java w Naver nGrinder
Naver nGrinder — RCE przez złośliwy serwer JMX/RMI
NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml fi...