Intel

AIKIDO-2024-10066

serialize-javascript is vulnerable to Cross-site Scripting (XSS)

Cross-site Scripting (XSS)CVE-2024-11831 Published Apr 30, 2024

64

Medium Risk

This Affects:

JSserialize-javascript
6.0.0 - 6.0.1
Fixed in 6.0.2
Are you affected? Scan for Free

TL;DR

Affected versions of the serialize-javascript library are vulnerable to Cross-site Scripting (XSS) due to unsanitized URLs. Attackers can inject unsafe HTML characters through non-HTTP URLs in the serialize function.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.

Background info

serialize-javascript is vulnerable to Cross-site Scripting (XSS) in versions 6.0.0 - 6.0.1.

How to fix this

Upgrade the serialize-javascript library to the patch version.

Links

Other

access.redhat.com/errata/RHBA-2025:0304
https://access.redhat.com/errata/RHBA-2025:0304
access.redhat.com/errata/RHSA-2025:0381
https://access.redhat.com/errata/RHSA-2025:0381
access.redhat.com/errata/RHSA-2025:10853
https://access.redhat.com/errata/RHSA-2025:10853
access.redhat.com/errata/RHSA-2025:1334
https://access.redhat.com/errata/RHSA-2025:1334
access.redhat.com/errata/RHSA-2025:1468
https://access.redhat.com/errata/RHSA-2025:1468
access.redhat.com/errata/RHSA-2025:21068
https://access.redhat.com/errata/RHSA-2025:21068
access.redhat.com/errata/RHSA-2025:21203
https://access.redhat.com/errata/RHSA-2025:21203
access.redhat.com/errata/RHSA-2025:3870
https://access.redhat.com/errata/RHSA-2025:3870
access.redhat.com/errata/RHSA-2025:4511
https://access.redhat.com/errata/RHSA-2025:4511
access.redhat.com/errata/RHSA-2025:8059
https://access.redhat.com/errata/RHSA-2025:8059
access.redhat.com/errata/RHSA-2025:8078
https://access.redhat.com/errata/RHSA-2025:8078
access.redhat.com/errata/RHSA-2025:8233
https://access.redhat.com/errata/RHSA-2025:8233
access.redhat.com/errata/RHSA-2025:8479
https://access.redhat.com/errata/RHSA-2025:8479
access.redhat.com/errata/RHSA-2025:8512
https://access.redhat.com/errata/RHSA-2025:8512
access.redhat.com/errata/RHSA-2025:8544
https://access.redhat.com/errata/RHSA-2025:8544
access.redhat.com/errata/RHSA-2025:8551
https://access.redhat.com/errata/RHSA-2025:8551
access.redhat.com/errata/RHSA-2025:9294
https://access.redhat.com/errata/RHSA-2025:9294
access.redhat.com/errata/RHSA-2026:1536
https://access.redhat.com/errata/RHSA-2026:1536
access.redhat.com/errata/RHSA-2026:2769
https://access.redhat.com/errata/RHSA-2026:2769
access.redhat.com/errata/RHSA-2026:8568
https://access.redhat.com/errata/RHSA-2026:8568
access.redhat.com/security/cve/CVE-2024-11831
https://access.redhat.com/security/cve/CVE-2024-11831
bugzilla.redhat.com/show_bug.cgi?id=2312579
https://bugzilla.redhat.com/show_bug.cgi?id=2312579