Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to denial of service due to AngularJS (CVE-2022-25844)

Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about a security vulnerability affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a deni...

Security Bulletin: Multiple vulnerabilities have been identified in AngularJS shipped with IBM Tivoli Netcool Impact

Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about security vulnerabilities affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service...

Security Bulletin: IBM Tivoli Netcool Impact is vulernable to cross-site scripting due to AngularJS (CVE-2022-25869)

Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about a security vulnerability affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-25869 DESCRIPTION: Node.js angular module is vulnerable to...

Security Bulletin: IBM MQ Appliance is affected by multiple AngularJS vulnerabilities

Summary IBM MQ Appliance has resolved multiple AngularJS vulnerabilities CVE-2023-26117, CVE-2023-26116, CVE-2023-26118, CVE-2022-25869, CVE-2022-25844. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service, caused by a regular expression denial of...

MAL-2023-1321 Malicious code in thentiacloud-angularjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 080925c1a04cb601b6c5a204f7e8db92592ee52721272a7effa1eb5caf5207c8 The OpenSSF Package Analysis project identified 'thentiacloud-angularjs' @ 1.2.0 npm as malicious. It is considered malicious because: - The...

Malicious code in thentiacloud-angularjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 080925c1a04cb601b6c5a204f7e8db92592ee52721272a7effa1eb5caf5207c8 The OpenSSF Package Analysis project identified 'thentiacloud-angularjs' @ 1.2.0 npm as malicious. It is considered malicious because: - The...

AngularJS Filemanager 1.5.1 Shell Upload

==================================================================================================================================== | Title : AngularJS Filemanager v1.5.1 File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

@copyleaks/plagiarism-report (>=1.0.0 <=1.0.13), bzz-ui (>=1.0.1 <=1.11.14) +8 more potentially affected by CVE-2023-34840 via angular-ui-notification (>=0.1.0 <=0.3.6)

angular-ui-notification NPM version =0.1.0, =1.0.0, =1.0.1, =2.8.46, =2.8.16, =1.0.0, =1.1.1, =1.0.0, =0.0.1, =0.0.6 - wservice-web =1.0.0 Source cves: CVE-2023-34840 Source advisory: OSV:GHSA-MRCJ-5QXR-VHP2...

Security Bulletin: Multiple vulnerabilities in angular.js may affect IBM Business Automation Workflow ( CVE-2019-14863, CVE-2020-7676, CVE-2019-10768)

Summary IBM Business Automation Workflow packages a vulnerable version of angular js. Vulnerability Details CVEID:CVE-2019-14863 DESCRIPTION: Angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability ...

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

Design/Logic Flaw

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

CVE-2022-27665

Summary (CVE-2022-27665): Progress Ipswitch WS_FTP Server 8.6.0 is affected by a reflected XSS vulnerability via AngularJS sandbox escape expressions, allowing an attacker to trigger client-side code by submitting crafted input in the subdirectory search bar or Add folder filename fields. The iss...

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

CVE-2023-26116

A flaw was found in AngularJS, where it is vulnerable to a denial of service caused by a regular expression denial of service ReDoS flaw in the angular.copy utility function. By providing specially-crafted regex input, a remote attacker can cause a denial of service...

CVE-2023-26117

A flaw was found in AngularJS, where it is vulnerable to a denial of service caused by a regular expression denial of service ReDoS issue in the $resource service. By providing specially-crafted regex input, a remote attacker could cause a denial of service...

Regular Expression Denial of Service (ReDoS)

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this...

Regular Expression Denial of Service (ReDoS)

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is...

K32412075: AngularJS XSS vulnerability CVE-2020-7676

Security Advisory Description angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code. CVE-2020-7676 Impact An attack...