Research Article
A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party Libraries
Figure 1
Example code of a Node.js application vulnerable to an injection attack. Just as in a client-side context, the call to eval, on line 8, must be considered dangerous [7] and makes the example vulnerable to an injection attack.