serialize-javascript@4.0.0 vulnerabilities

Serialize JavaScript to a superset of JSON that includes regular expressions and functions.

Direct Vulnerabilities

Known vulnerabilities in the serialize-javascript package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to unsanitized URLs. An Attacker can introduce unsafe HTML characters through non-http URLs.

How to fix Cross-site Scripting (XSS)?

Upgrade serialize-javascript to version 6.0.2 or higher.

<6.0.2