5 matches found
DEBIAN-CVE-2026-50555
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...
CVE-2026-50555
Summary: CVE-2026-50555 affects the @angular/platform-server SSR path via the domino DOM emulation dependency. A Unicode index alignment bug in domino’s escaping logic caused astral Unicode characters preceding closing tags (such as,,) to misalign the escape/replacement, leaving the closing tag u...
CVE-2026-50555
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...
GHSA-HQR9-C56F-3X7F @angular/platform-server: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino when serializing the content of raw-text elements such as , , and . domino supports escaping raw-text elements during serialization to prevent closing-tag breakout. However, a Unicode ind...
PT-2026-49565
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.16 Angular versions prior to 20.3.24 Angular versions prior to 19.2.25 Description A Cross-Site Scripting XSS issue exists in the domino DOM emulation dependency of...