Lucene search

[email protected]NVD:CVE-2022-25869

HistoryJul 15, 2022 - 8:15 p.m.

CVE-2022-25869

2022-07-1520:15:08

CWE-79

[email protected]

web.nvd.nist.gov

angular

xss

internet explorer

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.005

Percentile

76.3%

JSON

All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.

Affected configurations

Nvd

Node

angularjsangularnode.js

VendorProductVersionCPE
angularjsangular*cpe:2.3:a:angularjs:angular:*:*:*:*:*:node.js:*:*

Vendor	Product	Version	CPE
angularjs	angular	*	cpe:2.3:a:angularjs:angular::::::node.js::*

References

glitch.com/edit/%23%21/angular-repro-textarea-xss

snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783

snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784

snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782

snyk.io/vuln/SNYK-JS-ANGULAR-2949781

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.005

Percentile

76.3%

JSON

Related for NVD:CVE-2022-25869

osv1 ibm12 prion1 veracode1 github1 ubuntucve1 cve1 cvelist1 debiancve1