CVE-2019-16769

Name of the Vulnerable Software and Affected Versions serialize-javascript versions prior to 2.1.1

Description The issue concerns a failure to properly mitigate against unsafe characters in serialized regular expressions, leading to Cross-site Scripting (XSS). This problem does not affect Node.js applications due to Node.js's implementation of RegExp.prototype.toString(), which backslash-escapes all forward slashes in regular expressions. The vulnerability is relevant when serialized data of regular expression objects are used in environments other than Node.js.

Recommendations For versions prior to 2.1.1, upgrade to version 2.1.1 or later.