trtho1068 / DATA1700-oblig-3


Probable ReDoS vulnerability in some of the reg. expressions used #6

Open trtho1068 opened 7 months ago

trtho1068 commented 7 months ago

owasp

trtho1068 commented 7 months ago

Yep, it is as easy as repeating a word enough times in one of the name inputs. For example, 'mulla mulla mulla mulla ...'. Yet another hint that name validation with regex may not be a good idea.

trtho1068 commented 7 months ago

Should be vastly improved after #7
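The repeated-word behaviour described in this thread, as an added example that is not code from this repository: both patterns, the `isValidName` helper and the 50-character limit are constructed assumptions, since the issue does not show the project's actual expressions. It contrasts a name pattern with a nested quantifier against an unambiguous one behind a length cap.

```javascript
// Added example: constructed patterns, not the repository's own.
// Ambiguous: "\p{L}+" sits inside "(...)+", so a word can be divided between
// iterations in many ways, and a failing match retries every division.
const AMBIGUOUS_NAME = /^(\p{L}+ ?)+$/u;

// Unambiguous: each iteration after the first must begin with a separator,
// so there is only one way to carve the input into words.
const LINEAR_NAME = /^\p{L}+(?:[ '-]\p{L}+)*$/u;

const MAX_NAME_LENGTH = 50; // assumed limit for a name field

function isValidName(input) {
  if (typeof input !== 'string') return false;
  // Cap the length first so no pattern ever sees an oversized input.
  if (input.length > MAX_NAME_LENGTH) return false;
  const name = input.trim();
  if (name.length === 0) return false;
  return LINEAR_NAME.test(name);
}

// Time one failing match in milliseconds.
function matchMillis(pattern, text) {
  const start = performance.now();
  pattern.test(text);
  return performance.now() - start;
}

// Constructed inputs: a repeated word followed by a character that forces
// the match to fail. The word count is kept small so this finishes quickly;
// the ambiguous pattern's cost multiplies with every added word.
for (let words = 1; words <= 4; words++) {
  const text = 'mulla '.repeat(words) + '!';
  console.log(
    `${words} word(s): ambiguous ${matchMillis(AMBIGUOUS_NAME, text).toFixed(3)} ms, ` +
    `linear ${matchMillis(LINEAR_NAME, text).toFixed(3)} ms`
  );
}

console.log(isValidName('Ola Nordmann'));                  // accepted
console.log(isValidName('mulla '.repeat(5000) + '!'));     // rejected by the cap
```

Client-side validation of this kind only protects the browser; the same length cap and unambiguous pattern need to be applied wherever the server validates the field.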