CVE 2017-18256
Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.
See the
CVE page on Mitre.org
for more details.