jQuery Validation Other Vulnerability (CVE-2021-43306)

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

Remediation

References

CVE-2021-43306

Related Vulnerabilities

WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)

WordPress Plugin PI Button includes Backdoor [Only if downloaded via the vendor website] (3.3.3)

WordPress Plugin PowerPress Podcasting by Blubrry Malicious Code (11.9.4)

WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20)

Liferay Portal Insufficiently Protected Credentials Vulnerability (CVE-2021-29043)

Severity

High

Classification

CVE-2021-43306 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H