4science_ng-dynamic-forms (>=19.0.0 <=19.0.3), @123samir/gonna-build-a-mountain-po-ts-lint (>=6.0.0 <=10.0.0-rc.1) +4555 more potentially affected by CVE-2025-66412 via @angular/compiler (>=0.0.0-0 <=18.2.14)

@angular/compiler NPM version =0.0.0-0, =19.0.0, =6.0.0, =0.0.0, =0.2.0, =3.0.2, =3.0.3 - @aakashsuryawanshi/ng-idle =1.0.0 - @aalsi/ap-lib-demo =0.0.3-SNAPSHOT - @abaza738/angular-editor =1.0.0 - @abdos/ngx-tinzert =0.0.0 - @abdullk00138/watch-list =1.0.0 - @abdullk00138/webui =1.0.2 -...

EUVD-2025-200118

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes...

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

GHSA-V4HV-RGFQ-GP49 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

DEBIAN-CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

UBUNTU-CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412

CVE-2025-66412 concerns Angular’s Template Compiler, where a stored XSS could occur due to an incomplete security schema that fails to classify certain URL-holding attributes (e.g., javascript: URLs) as requiring strict URL security. The vulnerability allows injection of malicious scripts and is ...

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

EUVD-2025-200048

Malicious code in nova-angular-project npm...

Malicious code in angular-promql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b34c3150aabe5f7147486dac3ab4fd22d906f4ec0d8f4f7d39b1c9f2137ebaaf The package angular-promql was found to contain malicious code...

Malicious code in nova-angular-project (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1edbc661355ab22d5857395431ed8c7eb4bd73b77e1080a8cdb5ad1c386a8e The package nova-angular-project was found to contain malicious code...

EUVD-2025-200064

Malicious code in angular-promql npm...

MAL-2025-191505 Malicious code in angular-promql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b34c3150aabe5f7147486dac3ab4fd22d906f4ec0d8f4f7d39b1c9f2137ebaaf The package angular-promql was found to contain malicious code...

MAL-2025-191521 Malicious code in nova-angular-project (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1edbc661355ab22d5857395431ed8c7eb4bd73b77e1080a8cdb5ad1c386a8e The package nova-angular-project was found to contain malicious code...

PT-2025-48578

Name of the Vulnerable Software and Affected Versions Angular versions prior to 21.0.2 Angular versions prior to 20.3.15 Angular versions prior to 19.2.17 Description A Stored Cross-Site Scripting XSS issue exists in the Angular Template Compiler due to an incomplete internal security schema. Thi...