An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Prototype | Prototypejs | 1.7.3 (including) | 1.7.3 (including) |