Vue. vue-server-renderer’s Dependency Of serialize-javascript To 2.1.2 On Versions Under 2.6.11

Impact area

Security

Severity

Medium

Affected element

ServiceNow

UI Script

Salesforce

Static Resource

Rule number

SN-JSL-VUE-LESSTHAN-V2611 (for ServiceNow)

SF-JSL-VUE-LESSTHAN-V2611 (for Salesforce)

Impact #

There is a Cross-Site Scripting vulnerability in dependency ‘serialize-javascript’. serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Arbitrary Code Injection.

Remediation

Update vue JS library to the latest version.

Time to fix

30 min

References #

This rule is linked to Common Weakness Enumeration CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’).

Get Started

Quality Clouds For ServiceNow

Quality Clouds For Salesforce

Quality Clouds For Office 365

Vue. vue-server-renderer’s Dependency Of serialize-javascript To 2.1.2 On Versions Under 2.6.11

Impact #

References #

Was it helpful ?

Vue. vue-server-renderer’s Dependency Of serialize-javascript To 2.1.2 On Versions Under 2.6.11

Impact #

References #

Share This Article :

Was it helpful ?