Cross-Site Scripting (XSS)

serialize-javascript is vulnerable to cross-site scripting XSS. Unsafe characters are not properly validated and sanitized in serialized regular expressions, allowing an attacker to inject and execute arbitrary Javascript into a victim's browser. This vulnerability is not affected on Node.js...

CVE-2019-16769

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

CVE-2019-16769

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

Cross site scripting

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

CVE-2019-16769

The CVE-2019-16769 issue affects the npm package serialize-javascript prior to version 2.1.1, which is vulnerable to Cross-site Scripting (XSS) due to unsafe characters in serialized regular expressions. Node.js environments are not affected because RegExp.prototype.toString() escapes forward sla...

CVE-2019-16769 Affected versions of serialize-javascript are vulnerable to Cross-site Scripting (XSS)

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

1.1.0 (=1.0.0), 1c (>=6.2.0 <=8.17.2) +11752 more potentially affected by CVE-2019-16769 via serialize-javascript (>=1.0.0 <=2.1.0)

serialize-javascript NPM version =1.0.0, =6.2.0, =0.1.0, =0.0.1, =2.0.0, =0.1.0, =0.24.0, =0.1.4, =0.1.0, =1.0.0-beta.1, =1.0.4, =0.1.1, =0.1.99 and more Source cves: CVE-2019-16769 Source advisory: OSV:GHSA-H9RV-JMMF-4PGX...

GHSA-H9RV-JMMF-4PGX Cross-Site Scripting in serialize-javascript

Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize serialized regular expressions. This vulnerability does not affect Node.js applications. Recommendation Upgrade to version 2.1.1 or later...

Cross-Site Scripting in serialize-javascript

Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize serialized regular expressions. This vulnerability does not affect Node.js applications. Recommendation Upgrade to version 2.1.1 or later...

The React application in the most common XSS exploits and Defense-vulnerability warning-the black bar safety net

The author has been firmly React technology stack of the user, and therefore will pay attention to the React application security related topics. The author in my ownReact+Redux+Webpack2scaffolding the third level also uses a lot of server-side rendering/isomorphism straight out of the technology...