xsspresso
xsspresso
Tags/ Node.js

Node.js

2 writeups tagged with Node.js

WebMediumLinux

HTB — Expressway

Express.js prototype pollution vulnerability leads to remote code execution via deserialization of a crafted payload.

#Prototype Pollution#Node.js#Deserialization
Sep 27, 2025HackTheBox
WebMediumLinux

HTB — Node

Node.js API endpoint exposes hashed admin credentials. MongoDB backup decryption and SUID binary analysis for root.

#Node.js#MongoDB#API
Apr 5, 2022HackTheBox