CVE-2020-7660 @ Npm-serialize-javascript-1.9.1

[Abdul1110]

Vulnerable Package issue exists @ Npm-serialize-javascript-1.9.1 in branch master

serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js".

Namespace: Abdul1110
Repository: TEST_ORION
Repository Url: https://github.com/Abdul1110/TEST_ORION
CxAST-Project: Abdul1110/TEST_ORION
CxAST platform scan: 19490220-b272-4b92-94fa-50af22248f60
Branch: master
Application: TEST_ORION
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-502

---

Addition Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 3.1.0

---

References
Commit
Pull request
Advisory
Advisory