3 matches found
CVE-2020-5219
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compileuserControlledInput where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the...
CVE-2020-5219 Remote Code Execution in Angular Expressions
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compileuserControlledInput where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the...
CVE-2020-5219
The CVE-2020-5219 entry concerns angular-expressions prior to version 1.0.1. The underlying issue is a remote code execution vulnerability triggered when user-supplied input is passed to expressions.compile(userControlledInput). In the browser, this can allow execution of arbitrary browser script...