Lucene search
+L

42 matches found

RedhatCVE
RedhatCVE
added 2025/12/05 5:24 p.m.11 views

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS5.7AI score0.00377EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2025-66412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, an...

8.5CVSS7AI score0.00377EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/02 1:20 a.m.12 views

EUVD-2025-200118

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes...

8.5CVSS5.5AI score0.00377EPSS
Exploits1References3
OSV
OSV
added 2025/12/02 1:20 a.m.14 views

GHSA-V4HV-RGFQ-GP49 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

8.5CVSS7AI score0.00377EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/12/02 1:20 a.m.19 views

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

8.5CVSS7.1AI score0.00377EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2025/12/01 11:15 p.m.17 views

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS0.00377EPSS
Exploits1References4
OSV
OSV
added 2025/12/01 11:15 p.m.8 views

DEBIAN-CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS5.7AI score0.00377EPSS
Exploits1References1
OSV
OSV
added 2025/12/01 11:15 p.m.5 views

UBUNTU-CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS6.5AI score0.00377EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2025/12/01 10:35 p.m.10 views

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS6.9AI score0.00377EPSS
Exploits1
Cvelist
Cvelist
added 2025/12/01 10:35 p.m.22 views

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS0.00377EPSS
Exploits1References2
CVE
CVE
added 2025/12/01 10:35 p.m.136 views

CVE-2025-66412

CVE-2025-66412 concerns Angular’s Template Compiler, where a stored XSS could occur due to an incomplete security schema that fails to classify certain URL-holding attributes (e.g., javascript: URLs) as requiring strict URL security. The vulnerability allows injection of malicious scripts and is ...

8.5CVSS5.3AI score0.00377EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/12/01 10:35 p.m.10 views

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

8.5CVSS5.7AI score0.00377EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.9 views

PT-2025-48578

Name of the Vulnerable Software and Affected Versions Angular versions prior to 21.0.2 Angular versions prior to 20.3.15 Angular versions prior to 19.2.17 Description A Stored Cross-Site Scripting XSS issue exists in the Angular Template Compiler due to an incomplete internal security schema. Thi...

9CVSS5.4AI score0.00377EPSS
Exploits1References27
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.14 views

Angular 跨站脚本漏洞

Angular is a development platform of Angular open source. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A cross-site scripting vulnerability exists in Angular versions prior to 21.0.2, prior to 20.3.15, and prior to 19.2.17, which stems...

8.5CVSS7.5AI score0.00377EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2024/07/23 3:31 p.m.6 views

0-1-project (=0.0.1), 02vue_toast_demo (>=1.0.0 <=1.0.4) +8619 more potentially affected by CVE-2024-6783 via vue-template-compiler (>=2.0.0 <=2.7.9)

vue-template-compiler NPM version =2.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =2.0.0, =1.0.0, =0.3.11, =0.0.1, =11.0.1, =11.0.2 and more Source cves: CVE-2024-6783 Source advisory: OSV:GHSA-G3CH-RX76-35FX...

4.8CVSS7AI score0.00506EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/07/23 3:31 p.m.38 views

vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)

A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code...

4.8CVSS6.2AI score0.00506EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.10 views

The vulnerability of the Twig template compiler, related to errors in isolated software environments, allows attackers to gain access to confidential data.

The vulnerability of the Twig template compiler relates to errors in a isolated programming environment. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

4.3CVSS5.4AI score0.01405EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/01/18 5:59 p.m.5 views

DEBIAN-CVE-2016-7998

The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted 1 INCLUDE or 2 INCLURE tag and then accessing it with a validerxml action...

8.8CVSS8.6AI score0.13649EPSS
Exploits7References1
0day.today
0day.today
added 2016/10/20 12:0 a.m.67 views

SPIP 3.1.2 Template Compiler / Composer PHP Code Execution

Exploit for php platform in category web applications SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free...

6.5CVSS8.6AI score0.13649EPSS
Exploits7
Packet Storm
Packet Storm
added 2016/10/20 12:0 a.m.43 views

SPIP 3.1.2 Template Compiler / Composer PHP Code Execution

SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence...

8.7AI score0.13649EPSS
Exploits7
Rows per page
Query Builder