mootools-core is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists via the Slick.parse
function in Slick.Parser.js
, which does not properly handle user-injected string into a CSS selector at runtime, which allows remote attackers to cause denial of service conditions.
CPE | Name | Operator | Version |
---|---|---|---|
mootools-core | le | 1.20 | |
mootools-core | le | 1.20 |