Delete file/nodejs/xss-serialize-javascript.yaml

2024-06-20 22:18:06 +04:00 · 2024-06-20 22:18:06 +04:00 · e2a1696f5d
parent 4aef27031d
commit e2a1696f5d
1 changed files with 0 additions and 26 deletions
--- a/file/nodejs/xss-serialize-javascript.yaml
+++ b/file/nodejs/xss-serialize-javascript.yaml
@ -1,26 +0,0 @@
 id: xss-serialize-javascript
 info:
  name: XSS Serialize Javascript
  author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
  severity: info
  description: Untrusted user input reaching `serialize-javascript` with `unsafe` attribute can cause Cross Site Scripting (XSS).
  tags: file,nodejs,serialize,xss
 file:
  - extensions:
      - all
    matchers:
      - type: regex
        regex:
          - "require\\('serialize-javascript'\\)"
          - "\\$S\\(\\.\\*?, \\{unsafe: true\\}\\)"
        condition: or
      - type: regex
        negative: true
        regex:
          - "escape\\(.*?\\)"
          - "encodeURI\\(.*?\\)"
        condition: or
 # digest: 4b0a00483046022100c969127d5164e847745c08918d013ec03653d1ebd3df975a2ebba346eabc86ca022100eb6452e18b4c019fede7e45505c43395c0a854ec7842beb502dfed933b126877:922c64590222798bb761d5b6d8e72950