42 matches found
CVE-2025-66412
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
Linux Distros Unpatched Vulnerability : CVE-2025-66412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, an...
EUVD-2025-200118
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes...
GHSA-V4HV-RGFQ-GP49 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...
CVE-2025-66412
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
DEBIAN-CVE-2025-66412
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
UBUNTU-CVE-2025-66412
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
CVE-2025-66412
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
CVE-2025-66412
CVE-2025-66412 concerns Angular’s Template Compiler, where a stored XSS could occur due to an incomplete security schema that fails to classify certain URL-holding attributes (e.g., javascript: URLs) as requiring strict URL security. The vulnerability allows injection of malicious scripts and is ...
CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
PT-2025-48578
Name of the Vulnerable Software and Affected Versions Angular versions prior to 21.0.2 Angular versions prior to 20.3.15 Angular versions prior to 19.2.17 Description A Stored Cross-Site Scripting XSS issue exists in the Angular Template Compiler due to an incomplete internal security schema. Thi...
Angular 跨站脚本漏洞
Angular is a development platform of Angular open source. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A cross-site scripting vulnerability exists in Angular versions prior to 21.0.2, prior to 20.3.15, and prior to 19.2.17, which stems...
0-1-project (=0.0.1), 02vue_toast_demo (>=1.0.0 <=1.0.4) +8619 more potentially affected by CVE-2024-6783 via vue-template-compiler (>=2.0.0 <=2.7.9)
vue-template-compiler NPM version =2.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =2.0.0, =1.0.0, =0.3.11, =0.0.1, =11.0.1, =11.0.2 and more Source cves: CVE-2024-6783 Source advisory: OSV:GHSA-G3CH-RX76-35FX...
vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)
A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code...
The vulnerability of the Twig template compiler, related to errors in isolated software environments, allows attackers to gain access to confidential data.
The vulnerability of the Twig template compiler relates to errors in a isolated programming environment. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
DEBIAN-CVE-2016-7998
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted 1 INCLUDE or 2 INCLURE tag and then accessing it with a validerxml action...
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
Exploit for php platform in category web applications SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free...
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence...