OpenNMS vulnerable to Cross-site Scripting

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

CVE-2023-40311

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

Cross site scripting

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

Security Bulletin: IBM MQ is affected by multiple Angular JS vulnerabilities.

Summary IBM MQ has resolved multiple Angular JS vulnerabilities CVE-2022-25844, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2022-25869. Angular JS is used in Dashboard Web Console. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a denial of...

GHSA-R3HF-Q8Q7-FV2P Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory

Impact Angular Universal applications on 16.1.0 and 16.1.1 using critical CSS inlining are vulnerable to a cross-site scripting XSS attack where an attacker can trick another user into visiting a page which injects malicious JavaScript. Angular CLI applications without Universal do perform critic...

Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory

Impact Angular Universal applications on 16.1.0 and 16.1.1 using critical CSS inlining are vulnerable to a cross-site scripting XSS attack where an attacker can trick another user into visiting a page which injects malicious JavaScript. Angular CLI applications without Universal do perform critic...

@0x0bit/sails-hook-redis (>=0.1.1 <=0.1.2), @driscode/cs2-lib (>=5.8.1-driscode-5 <=5.9.0-driscode-52) +137 more potentially affected by CVE-2023-38504 via sails (>=0.10.5 <=1.5.17)

sails NPM version =0.10.5, =0.1.1, =5.8.1-driscode-5, =3.0.0, =1.0.0, =0.0.1-prerelease, =1.1.8, =0.0.0, =0.0.0, =1.0.0, =1.3.2 - barmecide =0.0.5 - cacrypt =0.0.1 and more Source cves: CVE-2023-38504 Source advisory: OSV:GHSA-GPW9-FWM8-7RX7...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Angular

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Angular. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the $resource service...

Updated glances packages fix security vulnerability

Regular Expression Denial of Service ReDoS in angular CVE-2022-25844...

MGASA-2023-0215 Updated glances packages fix security vulnerability

Regular Expression Denial of Service ReDoS in angular CVE-2022-25844...

GHSA-MRCJ-5QXR-VHP2 angular-ui-notification Cross-site Scripting vulnerability

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

@copyleaks/plagiarism-report (>=1.0.0 <=1.0.13), bzz-ui (>=1.0.1 <=1.11.14) +8 more potentially affected by CVE-2023-34840 via angular-ui-notification (>=0.1.0 <=0.3.6)

angular-ui-notification NPM version =0.1.0, =1.0.0, =1.0.1, =2.8.46, =2.8.16, =1.0.0, =1.1.1, =1.0.0, =0.0.1, =0.0.6 - wservice-web =1.0.0 Source cves: CVE-2023-34840 Source advisory: OSV:GHSA-MRCJ-5QXR-VHP2...

angular-ui-notification Cross-site Scripting vulnerability

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

CVE-2023-34840

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

CVE-2023-34840

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

CVE-2023-34840

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

Cross site scripting

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to the Angular JS (CVE-2023-26116, CVE-2023-26117, CVE-2023-26118)

Summary The Discovery Connectors in IBM App Connect Enterprise are vulnerable to a denial of service due to the Angular JS CVE-2023-26116, CVE-2023-26117, CVE-2023-26118. The fix removes Angular JS. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of...

CVE-2023-34840

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

angular-ui-notification 跨站脚本漏洞

angular-ui-notification is a library by Alexey Avramchik personal developer. Used to provide simple notifications, animated using Bootstrap 3 styles and css transformations. A security vulnerability exists in Angular angular-ui-notification version v0.1.0, v0.2.0, v0.3.6, which stems from a...