23 matches found
CVE-2025-40900
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to...
CVE-2025-40900 Angular template injection in Reports in Guardian/CMC before 26.1.0
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to...
CVE-2025-40900
CVE-2025-40900 describes an Angular template injection in the Reports functionality of Guardian/CMC prior to version 26.1.0. An authenticated user with report privileges can embed an Angular template payload in a malicious report, which executes in the victim’s browser during viewing/import, pote...
CVE-2025-40900
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to...
EUVD-2023-30093
Malicious code in bioql PyPI...
CVE-2024-50577
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...
CVE-2023-26270
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2024-50577
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...
CVE-2024-50577
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...
CVE-2024-50577
JetBrains YouTrack is affected prior to version 2024.3.47707. The CVE-2024-50577 issue is described as a stored XSS vulnerability caused by Angular template injection in Hub settings. Impact is cross-site scripting via Hub settings, with overall security values indicating confidentiality/integrit...
CVE-2024-50577
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...
EUVD-2024-44958
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...
PT-2024-7634 · Jetbrains · Youtrack
Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2024.3.47707 Description: The issue is related to a stored XSS vulnerability via Angular template injection in Hub settings. This could allow an attacker to perform cross-site scripting attacks. The...
CVE-2023-26270
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
Sql injection
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2023-26270 IBM Security Guardium Data Encryption code execution
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2023-26270 IBM Security Guardium Data Encryption code execution
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
PT-2023-6903 · Ibm · Ibm Security Guardium Data Encryption +1
Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM version 1.10.3 Description: The issue is caused by an angular template injection flaw, allowing a remote attacker to execute arbitrary code on the system by sending a...
Angular template injection on custom report name field
Summary Report name field is affected by angular template injection which can lead to XSS attacks. Impact Custom report name field can lead to XSS attacks by malicious users. The attacker must have a valid Guardian/CMC login with the ‘Report editor’ capability to leverage this. Mitigation None...
Mail.ru: [geekbrains.ru] Reflected XSS via Angular Template Injection
Potential XSS due to use of Angular templates...