3 matches found
The vulnerability of the stripTags component and unescapeHTML in the DOM and AJAX Prototype framework allows a hacker to cause a service failure.
The vulnerability of the stripTags and unescapeHTML components in the DOM and AJAX Prototype framework is related to insufficient processing of regular expressions. Exploiting this vulnerability can allow an attacker to cause service failures...
UBUNTU-CVE-2020-27511
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service ReDOS through stripping crafted HTML tags...
GHSA-G36H-6R4F-3MQP Regular Expression Denial of Service in string package
Affected versions of string are vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods. Recommendation There is currently no direct patch for this vulnerability. Currently, the best solution is to avo...