Your submission was sent successfully! Close

CVE-2020-27511

Published: 21 June 2021

An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
prototypejs
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Does not exist

upstream Needs triage

xenial Ignored
(out of standard support)