Lucene search
GitHub_MCVELIST:CVE-2021-32854HistoryFeb 20, 2023 - 12:00 a.m.
CVE-2021-32854 textAngular text editor vulnerable to Cross-site Scripting
2023-02-2000:00:00
CWE-79
GitHub_M
www.cve.org
3
textangular
editor
vulnerability
copy-paste
cross-site scripting
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.8%
textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.
CNA Affected
[
{
"vendor": "npm",
"product": "textangular",
"versions": [
{
"version": "1.5.16",
"status": "affected",
"lessThanOrEqual": "1.5.16",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Cross-Site Scripting (XSS)
2022-04-06 15:22:45
github
github
textAngular Cross-site Scripting vulnerability
2023-02-21 15:30:23
nvd
nvd
CVE-2021-32854
2023-02-21 15:15:10
osv
osv
CVE-2021-32854
2023-02-21 15:15:10
textAngular Cross-site Scripting vulnerability
2023-02-21 15:30:23
cve
cve
CVE-2021-32854
2023-02-21 15:15:10
prion
prion
Cross site scripting
2023-02-21 15:15:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.8%
Related for CVELIST:CVE-2021-32854