|Portswigger Academy Prototype pollution Labs|
Depending on the exact logic of the application, prototype pollution can lead to practically all popular web vulnerabilities: remote code execution (RCE), cross-site scripting ( XSS ), SQL injection, and so on.
Detecting server-side prototype pollution without polluted property reflection
Bypassing flawed input filters for server-side prototype pollution
Exfiltrating sensitive data via server-side prototype pollution