Hi,
I would like to report two Regular Expression Denial of Service (ReDoS) vulnerabilities in html-parse-string.
This can cause a denial of service when parsing crafted invalid HTML strings.
You can execute the code below to reproduce the vulnerability.
var htmlParseString = require("html-parse-string")
htmlParseString.parse('<!""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""!')

Feel free to contact me if you have any questions.
Best regards,
Yeting Li
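Until a parser affected by this kind of report is patched, callers can bound the damage by capping input size and giving each parse call a time budget. The wrapper below is an added example, not code from html-parse-string or from the reporter; `guardedParse`, `slowParse` and the default limits are hypothetical, and `slowParse` uses a constructed textbook backtracking pattern rather than the library's own regex.

```javascript
'use strict';
const vm = require('node:vm');

// Hypothetical defaults; tune to the largest legitimate input you expect.
const DEFAULT_LIMITS = { maxLength: 100000, timeoutMs: 200 };

/**
 * Call a synchronous parser on untrusted text with an input-size cap and a
 * wall-clock budget, so a backtracking regex cannot pin the event loop.
 * node:vm is used only for its timeout watchdog, not as a security sandbox.
 */
function guardedParse(parseFn, input, limits = {}) {
  const { maxLength, timeoutMs } = { ...DEFAULT_LIMITS, ...limits };
  if (typeof input !== 'string') {
    return { ok: false, reason: 'not-a-string' };
  }
  if (input.length > maxLength) {
    return { ok: false, reason: 'too-long' };
  }
  // The script only invokes the host function; the watchdog terminates
  // execution, including a regex match in progress, once timeoutMs passes.
  const context = vm.createContext({ parseFn, input });
  try {
    const value = vm.runInContext('parseFn(input)', context, { timeout: timeoutMs });
    return { ok: true, value };
  } catch (err) {
    if (err && err.code === 'ERR_SCRIPT_EXECUTION_TIMEOUT') {
      return { ok: false, reason: 'timeout' };
    }
    return { ok: false, reason: 'parse-error', error: err };
  }
}

// Constructed stand-in for a vulnerable parser (NOT html-parse-string's regex):
// nested quantifiers backtrack exponentially on a near-miss input.
function slowParse(text) {
  return /^(a+)+$/.test(text);
}
```

In an application, pass the real parser as `parseFn` (for example the `parse` function shown in the report) and log every `timeout` result, since repeated timeouts from one client are a useful detection signal.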