You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
AngularJS is an MVC framework for building web applications. The core features include HTML enhanced with custom component and data-binding capabilities, dependency injection and strong focus on simplicity, testability, maintainability and boiler-plate reduction.
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
CVE-2022-25869 - Medium Severity Vulnerability
Vulnerable Library - angular-1.3.9.min.js
AngularJS is an MVC framework for building web applications. The core features include HTML enhanced with custom component and data-binding capabilities, dependency injection and strong focus on simplicity, testability, maintainability and boiler-plate reduction.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.3.9/angular.min.js
Path to dependency file: /node_modules/backstopjs/examples/angularAppWithCssTransitions/index.html
Path to vulnerable library: /node_modules/backstopjs/examples/angularAppWithCssTransitions/./angular.min.js
Dependency Hierarchy:
Found in HEAD commit: 9c0c2cadda2965ff0d2cb956635474ae9161ddfe
Found in base branch: next
Vulnerability Details
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
Publish Date: 2022-07-15
URL: CVE-2022-25869
CVSS 3 Score Details (6.1)
Base Score Metrics:
The text was updated successfully, but these errors were encountered: