Server-Side JavaScript Injection Bryan Sullivan, Senior Security Researcher, Adobe Secure Software Engineering Team July 2011 Abstract This whitepaper is presented in support of the BlackHat USA 2011 talk, “Server- Side JavaScript Injection: Attacking NoSQL and Node.js”. Both this paper and the accompanying talk will discuss security vulnerabilities that can arise when software developers create a