CVE-2019-16769 Affected versions of serialize-javascript are vulnerable to Cross-site Scripting (XSS)

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

1.1.0 (=1.0.0), 1c (>=6.2.0 <=8.17.2) +11747 more potentially affected by CVE-2019-16769 via serialize-javascript (>=1.0.0 <=2.1.0)

serialize-javascript NPM version =1.0.0, =6.2.0, =0.1.0, =0.0.1, =2.0.0, =0.1.0, =0.24.0, =0.1.4, =0.1.0, =1.0.0-beta.1, =1.0.4, =0.1.1, =0.1.99 and more Source cves: CVE-2019-16769 Source advisory: OSV:GHSA-H9RV-JMMF-4PGX...

GHSA-H9RV-JMMF-4PGX Cross-Site Scripting in serialize-javascript

Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize serialized regular expressions. This vulnerability does not affect Node.js applications. Recommendation Upgrade to version 2.1.1 or later...

Cross-Site Scripting in serialize-javascript

Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize serialized regular expressions. This vulnerability does not affect Node.js applications. Recommendation Upgrade to version 2.1.1 or later...

The React application in the most common XSS exploits and Defense-vulnerability warning-the black bar safety net

The author has been firmly React technology stack of the user, and therefore will pay attention to the React application security related topics. The author in my ownReact+Redux+Webpack2scaffolding the third level also uses a lot of server-side rendering/isomorphism straight out of the technology...