AngularJS improperly sanitizes SVG elements

Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing and also negatively affect...

AngularJS < 1.6.1 Cross-Site Scripting

According to its self-reported version number, AngularJS is prior to 1.6.1. Therefore, it may be affected by a JSONP callback vulnerability than can lead to Cross-Site Scripting XSS. Note that the scanner has not tested for these issues but has instead relied only on the application's self-report...