Injection Vulnerability
serialize-javascript allows remote attackers to inject arbitrary code via the function deleteFunctions within index.js.
Advisories for Npm/Serialize-Javascript package
2020
2019
Cross-site Scripting
The serialize-javascript npm package is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.