id: xss-serialize-javascript

info:
  name: XSS Serialize Javascript
  author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
  severity: info
  description: Untrusted user input reaching `serialize-javascript` with `unsafe` attribute can cause Cross Site Scripting (XSS).
  tags: file,nodejs,serialize,xss

file:
  - extensions:
      - all

    matchers:
      - type: regex
        regex:
          - "\\$S = require\\('serialize-javascript'\\)"
          - "\\$S\\(..., {unsafe: true}\\)"
        condition: or

      - type: regex
        negative: true
        regex:
          - "escape\\(...\\)"
          - "encodeURI\\(...\\)"
        condition: or