High severity7.5NVD Advisory· Published Jun 21, 2021· Updated Jun 17, 2026
CVE-2020-27511
CVE-2020-27511
Description
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Prototype/Prototypedescription
- Range: =1.7.3
Patches
Vulnerability mechanics
References
3- github.com/prototypejs/prototype/blob/dee2f7d8611248abce81287e1be4156011953c90/src/prototype/lang/string.jsnvdExploitThird Party Advisory
- github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.mdnvdExploitThird Party Advisory
- prototypejs.orgnvdVendor Advisory
News mentions
0No linked articles in our index yet.