CVE-2026-25586
SandboxJS · SandboxJS
SandboxJS allows sandbox escape via shadowing of the hasOwnProperty method. This disables prototype whitelist enforcement, enabling host Object.prototype pollution and persistent cross-sandbox impact.
Executive summary
SandboxJS is vulnerable to a critical escape and prototype pollution flaw that allows unauthenticated attackers to gain persistent control over the host environment.
Vulnerability
By shadowing hasOwnProperty on a sandboxed object, an unauthenticated attacker can disable security checks in the property-access path. This grants direct access to blocked properties like __proto__, leading to host-level Object.prototype pollution.
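As an added illustration (not SandboxJS's own code), the class of check the advisory describes: a naive guard that resolves hasOwnProperty through the sandboxed object, beside a hardened guard that uses the intrinsic captured before any sandboxed code runs. The blocked-name set, the guard functions and the sample object are hypothetical.

```javascript
// Added illustration of the root-cause pattern; not SandboxJS's source code.
// A sandbox's property-access path must decide whether obj[prop] reaches a
// prototype member (subject to the whitelist) or an own data property (the
// script's own data). Asking obj.hasOwnProperty is the wrong way to find out:
// that lookup goes through an object the sandboxed script fully controls.

// Assumed policy: these prototype members are never reachable from the sandbox.
const BLOCKED_PROTOTYPE_PROPS = new Set(['__proto__', 'constructor', 'prototype']);

// Captured once, before sandboxed code runs, so it cannot be swapped out later.
// (Object.hasOwn is the modern equivalent on runtimes that provide it.)
const hasOwn = Object.prototype.hasOwnProperty;

// Naive guard: lets a blocked name through whenever the object "says" it owns it.
// The method is resolved via obj, so a shadowed hasOwnProperty decides the outcome,
// and a null-prototype object (Object.create(null)) makes this throw a TypeError.
function naiveIsAccessAllowed(obj, prop) {
  if (!BLOCKED_PROTOTYPE_PROPS.has(prop)) return true;
  return obj.hasOwnProperty(prop);
}

// Hardened guard: asks the intrinsic, so any hasOwnProperty defined on obj is
// ignored; a blocked name that is not a genuine own property is refused.
function hardenedIsAccessAllowed(obj, prop) {
  if (!BLOCKED_PROTOTYPE_PROPS.has(prop)) return true;
  return hasOwn.call(obj, prop);
}

// Constructed sample: an object shaped the way a sandboxed script could shape it,
// with hasOwnProperty shadowed to always claim ownership.
function sandboxShapedObject() {
  return { hasOwnProperty: () => true, data: 1 };
}

// Returns each guard's verdict so the difference is visible as plain values.
function demo() {
  const obj = sandboxShapedObject();
  return {
    naive: naiveIsAccessAllowed(obj, '__proto__'),        // true: guard bypassed
    hardened: hardenedIsAccessAllowed(obj, '__proto__'),  // false: access refused
    ordinary: hardenedIsAccessAllowed(obj, 'data'),       // true: normal property
    nullProto: hardenedIsAccessAllowed(Object.create(null), '__proto__'), // false
  };
}

console.log(demo());
```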
Business impact
The ability to pollute the host's Object.prototype allows for persistent attacks that can affect all subsequent sandboxes and the main application logic. The CVSS score of 10.0 reflects the total loss of confidentiality, integrity, and availability once the sandbox is escaped.
Remediation
Immediate Action: Upgrade SandboxJS to version 0.8.29, which patches the property-access validation logic.
Proactive Monitoring: Audit sandboxed scripts for attempts to redefine core JavaScript methods or access sensitive prototype properties.
Compensating Controls: Employ strict Content Security Policies (CSP) and minimize the permissions of the environment hosting the JavaScript engine to reduce the attack surface.
Exploitation status
Public Exploit Available: No
Analyst recommendation
This vulnerability represents a fundamental failure of the sandbox's isolation mechanisms. We recommend an immediate transition to version 0.8.29 to mitigate the risk of host-level compromise and persistent cross-session attacks.