CVE-2015-0167

2015-02-2016:00:00

ibm

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.2%

JSON

Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.

References

exchange.xforce.ibmcloud.com/vulnerabilities/100929

github.com/fraywing/textAngular/releases/tag/v1.3.7