CVE-2019-5428

A prototype pollution vulnerability exists in jQuery versions < 3.4.0 that allows an attacker to inject properties on Object.prototype.
Source: NIST
CVE-2019-5428