Lucene search
GitHub_MCVE-2021-32854HistoryFeb 21, 2023 - 3:15 p.m.
CVE-2021-32854
2023-02-2115:15:10
CWE-79
GitHub_M
web.nvd.nist.gov
27
textangular
angular.js
xss
copy-paste
security vulnerability
cve-2021-32854
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.8%
textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.
Affected configurations
Node
textangulartextangularRange≤1.5.16
| Vendor | Product | Version | CPE |
|---|---|---|---|
| textangular | textangular | * | cpe:2.3:a:textangular:textangular:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "npm",
"product": "textangular",
"versions": [
{
"version": "1.5.16",
"status": "affected",
"lessThanOrEqual": "1.5.16",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Cross-Site Scripting (XSS)
2022-04-06 15:22:45
github
github
textAngular Cross-site Scripting vulnerability
2023-02-21 15:30:23
nvd
nvd
CVE-2021-32854
2023-02-21 15:15:10
osv
osv
CVE-2021-32854
2023-02-21 15:15:10
textAngular Cross-site Scripting vulnerability
2023-02-21 15:30:23
prion
prion
Cross site scripting
2023-02-21 15:15:00
cvelist
cvelist
CVE-2021-32854 textAngular text editor vulnerable to Cross-site Scripting
2023-02-20 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.8%
Related for CVE-2021-32854