CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-4216

Malware in sbrugna...

6.1CVSS6.3AI score0.00233EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-7586

Malware in sbrugna...

6.1CVSS6.3AI score0.01907EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 4:45 a.m.•4 views

CVE-2019-17127

A Stored Client Side Template Injection CSTI with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation...

6.1CVSS6.8AI score0.01907EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:42 a.m.•7 views

CVE-2019-17125

A Reflected Client Side Template Injection CSTI with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS...

6.1CVSS6.9AI score0.02383EPSS

Exploits0References1

Hacker One•added 2021/02/05 6:9 a.m.•126 views

FetLife: Stored XSS via Angular Expression injection via Subject while starting conversation with other users.

The reporter pointed out that the Subject field for sending private messages using FetLife's onsite chat was vulnerable to a stored XSS exploit, allowing people to execute potentially malicious contents on the receiving end of the message...

6.4AI score

Exploits0

Github Security Blog•added 2020/09/01 4:40 p.m.•85 views

XSS via Angular Expression in ag-grid

Affected versions of ag-grid are vulnerable to Cross-site Scripting XSS via Angular Expressions, if used in combination with AngularJS. Recommendation Avoid using ag-grid in combination with AngularJS until a fix is available...

6.1CVSS4.2AI score0.00491EPSS

Exploits1References4Affected Software1

OSV•added 2020/01/17 6:15 p.m.•0 views

CVE-2019-17125

6.1CVSS5.8AI score

Exploits0References2

Veracode•added 2018/08/07 9:27 a.m.•32 views

Sensitive Information Leakage

IdentityServer3 is vulnerable to sensitive information leakage. The leakage of identityserver responses is possible because there is a flaw in Angular expression on the authorize response page...

6.1CVSS6AI score0.00233EPSS

Exploits0References2Affected Software1

CNVD•added 2017/08/11 12:0 a.m.•2 views

IdentityServer3 authorize response page cross-site scripting vulnerability

IdentityServer3 is a .NET-based access control plug-in for Web applications. A cross-site scripting vulnerability in the Angular expression of the IdentityServer3 authorize response page allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be use...

6.1CVSS6.2AI score0.00233EPSS

Exploits0References1

OSV•added 2017/08/08 1:34 a.m.•14 views

CVE-2017-12677

IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response...

6.1CVSS5.8AI score

Exploits0References1

Hacker One•added 2016/03/21 12:16 a.m.•24 views

New Relic: Stored XSS through Angular Expression Sandbox Escape

As an Admin of an account, I am able to set the Name of the Account to an Angular expression. This Angular expressions is resolved and executed on the Insights Welcome Page for anyone that is apart of the Account. Due to the ability to invite anyone even current NewRelic users to an Account, it...

0.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by