GrepRules
Sign inPublish rule
Explore/cve-2025-27600-flawed-json-escape-regex

CVE-2025-27600: Flawed Json Escape Regex

The code uses a flawed negative lookbehind regex (`/(?<!\\)"/g`) to escape double quotes for JSON string substitution. This fails to correctly escape user input when an explicitly escaped backslash is provided (e.g., `\\"`), allowing an attacker to break out of JSON string boundaries and inject arbitrary object properties. Use `JSON.stringify(val).slice(1, -

Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0JS
greprules fetch cve-2025-27600-flawed-json-escape-regex --engine opengrep

Description

The code uses a flawed negative lookbehind regex (`/(?<!\\)"/g`) to escape double quotes for JSON string substitution. This fails to correctly escape user input when an explicitly escaped backslash is provided (e.g., `\\"`), allowing an attacker to break out of JSON string boundaries and inject arbitrary object properties. Use `JSON.stringify(val).slice(1, -

License
Apache-2.0
Source context
Public repository
Source
Provally CVE rule catalog
Validation status
Verified
Quality signals
146 downloads0 direct146 via packs
· 0 stars · Quality score 68How quality works
Included packs
2 packs