Regular Expression Denial of Service (ReDoS) Vulnerability in jQuery Validation Plugin

Regular Expression Denial of Service (ReDoS) Vulnerability in jQuery Validation Plugin

CVE-2021-21252 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Learn more about our Web Application Penetration Testing UK.