From 7f56e05fb3cea29ea0cbf3c6ceac8a8e9255a707 Mon Sep 17 00:00:00 2001
From: Fabrizio Balliano
Date: Wed, 1 Feb 2023 15:17:11 +0000
Subject: [PATCH 1/2] Fixed ReDos vulnerability in prototypejs

---
 js/prototype/prototype.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/prototype/prototype.js b/js/prototype/prototype.js
index bf2d3b3eab9..a69a6201dbc 100644
--- a/js/prototype/prototype.js
+++ b/js/prototype/prototype.js
@@ -621,7 +621,7 @@ Object.extend(String.prototype, (function() {
 }
 function stripTags() {
- return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
+ return this.replace(/<(?=(\w+))\1(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/(?=(\w+))\1>/gi, '');
 }
 function stripScripts() {

From d89ee33b7c756e83c11771a71e9202e8f309d68c Mon Sep 17 00:00:00 2001
From: Fabrizio Balliano
Date: Wed, 1 Feb 2023 17:19:14 +0000
Subject: [PATCH 2/2] Fixed ReDos vulnerability in prototypejs

---
 js/prototype/prototype.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/prototype/prototype.js b/js/prototype/prototype.js
index a69a6201dbc..e00b2679260 100644
--- a/js/prototype/prototype.js
+++ b/js/prototype/prototype.js
@@ -621,7 +621,7 @@ Object.extend(String.prototype, (function() {
 }
 function stripTags() {
- return this.replace(/<(?=(\w+))\1(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/(?=(\w+))\1>/gi, '');
+ return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>'"])+)?\s*("[^">]*|'[^'>])?(\/)?>|<\/\w+>/gi, '');
 }
 function stripScripts() {
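Review bot: The unterminated-quote fallback in the final pattern is asymmetric: `"[^">]*` accepts any run of characters but `'[^'>]` accepts exactly one, so a tag such as `<a title='abc>` is left in the output while its double-quoted twin is stripped — this looks like a dropped `*`. The overlap between `\s+`, the bare-character alternative `[^>'"]` (which still matches whitespace) and the trailing `\s*` also remains, so a long run of attribute whitespace with no closing `>` can still back-track polynomially (roughly cubic by my count), which is the class of problem this series sets out to fix. Excluding whitespace from the bare class and letting the attribute group repeat removes that ambiguity while keeping the quoted-`>` handling: `return this.replace(/<\w+(?:\s+(?:"[^"]*"|'[^']*'|[^\s>"'])+)*\s*(?:"[^">]*|'[^'>]*)?\/?>|<\/\w+>/gi, '');`. A regression test that bounds the running time of `stripTags` on such whitespace-heavy input would keep the fix from being undone by a later edit. This applies to the pattern in PATCH 2/2 (the intermediate `(?=(\w+))\1` form in PATCH 1/2 is superseded); the enclosing `Object.extend(String.prototype, (function() {` IIFE starts and ends outside the hunk.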