Filtered by vendor Angularjs
Subscriptions
Filtered by product Angular.js
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-7676 | 1 Angularjs | 1 Angular.js | 2023-11-07 | 5.4 Medium |
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code. | ||||
CVE-2019-10768 | 1 Angularjs | 1 Angular.js | 2023-11-07 | 7.5 High |
In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. | ||||
CVE-2019-14863 | 2 Angularjs, Redhat | 3 Angular.js, Decision Manager, Process Automation | 2020-01-09 | 6.1 Medium |
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. |
Page 1 of 1.