Lucene search
SnykCVELIST:CVE-2022-25869HistoryJul 15, 2022 - 8:02 p.m.
CVE-2022-25869 Cross-site Scripting (XSS)
2022-07-1520:02:02
snyk
www.cve.org
6
package angular
xss
internet explorer
page caching
CVSS3
4.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P
EPSS
0.005
Percentile
76.3%
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
CNA Affected
[
{
"product": "angular",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
osv
osv
Angular (deprecated package) Cross-site Scripting
2022-07-16 00:00:20
prion
prion
Cross site scripting
2022-07-15 20:15:00
veracode
veracode
Cross-site Scripting (XSS)
2022-07-19 06:46:56
ibm
ibm
github
github
Angular (deprecated package) Cross-site Scripting
2022-07-16 00:00:20
ubuntucve
ubuntucve
CVE-2022-25869
2022-07-15 00:00:00
nvd
nvd
CVE-2022-25869
2022-07-15 20:15:08
cve
cve
CVE-2022-25869
2022-07-15 20:15:08
debiancve
debiancve
CVE-2022-25869
2022-07-15 20:15:08
CVSS3
4.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P
EPSS
0.005
Percentile
76.3%
Related for CVELIST:CVE-2022-25869