VDB

CVE-2020-27511

CVE-2020-27511 PUBLISHED

An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.

EPSS 1.19% · 79.2th percentile

Risk Scores

EPSS Score
1.19%
79.2th percentile

Affected Products

VendorProductVersions
Ubuntu:25.10prototypejs0, 1.7.3-2
Ubuntu:18.04:LTSprototypejs1.7.1-3, 0
Ubuntu:20.04:LTSprototypejs0, 1.7.1-3
Ubuntu:24.04:LTSprototypejs1.7.3-1, 0
Ubuntu:22.04:LTSprototypejs1.7.1-3.1, 0
Ubuntu:16.04:LTSprototypejs0, 1.7.1-3

Timeline

  • Jun 21, 2021 CVE Published
  • Jun 22, 2021 EPSS Score
  • Aug 21, 2021 EPSS Score
  • Oct 21, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 19, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jun 19, 2022 EPSS Score
  • Aug 20, 2022 EPSS Score
  • Oct 19, 2022 EPSS Score
  • Dec 19, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›