Lucene search
+L

20 matches found

nessus
nessus
added 2025/03/27 12:0 a.m.10 views

F5 Networks BIG-IP : AngularJS XSS vulnerability (K32412075)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K32412075 advisory. angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code...

5.4CVSS5.6AI score0.02142EPSS
Exploits0References2
ibm
ibm
added 2023/06/22 8:24 p.m.30 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in Node.js (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2023-23918, CVE-2023-23920, CVE-2023-24807, CVE-2023-23936, CVE-2023-23919. Node.js has been upgraded in IBM Planning Analytics Workspace to...

8.5CVSS7.6AI score0.14024EPSS
Exploits3Affected Software1
ibm
ibm
added 2023/03/17 5:13 p.m.51 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2022-43548. Angular is a JavaScript framework that extends HTML CVE-2020-7676. Logback is a logging library for Java CVE-2021-42550. Golang Go...

8.5CVSS8.6AI score0.14024EPSS
Exploits1Affected Software1
f5
f5
added 2023/02/21 6:33 p.m.77 views

K32412075: AngularJS XSS vulnerability CVE-2020-7676

Security Advisory Description angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code. CVE-2020-7676 Impact An attack...

5.4CVSS6.3AI score0.02142EPSS
Exploits0Affected Software3
ibm
ibm
added 2021/07/27 6:9 a.m.35 views

Security Bulletin: Vulnerabilities in IBM Guardium Data Encryption (GDE) (CVE-2020-7676)

Summary Vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed, please apply the latest version to obtain the fix. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation...

5.4CVSS1.5AI score0.02142EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/06/17 11:4 p.m.48 views

Security Bulletin: A cross-site scripting vulnerability in Angular.js affects IBM InfoSphere Information Server

Summary A cross-site scripting vulnerability in Angular.js used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker cou...

5.4CVSS0.8AI score0.02142EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/05/25 5:34 p.m.62 views

Security Bulletin: IBM License Key Server Administration and Reporting Tool is impacted by multiple vulnerabilities in jQuery, Bootstrap and AngularJS

Summary Multiple vulnerabilities have been found in jQuery, Bootstrap and AngularJS libraries that are used by IBM License Key Server LKS Administration and Reporting Tool ART. Mitigations have been identified and a fix has been published. Vulnerability Details CVEID: CVE-2019-14863 DESCRIPTION:...

7.1CVSS0.4AI score0.99019EPSS
Exploits17Affected Software1
redhat
redhat
added 2021/03/23 2:42 p.m.116 views

Low: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.6 security update on RHEL 8

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.4CVSS6.6AI score0.02142EPSS
Exploits0References4
redhat
redhat
added 2021/03/23 2:42 p.m.70 views

Low: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.6 security update on RHEL 7

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.4CVSS6.6AI score0.02142EPSS
Exploits0References4
nessus
nessus
added 2021/03/23 12:0 a.m.32 views

RHEL 8 : Red Hat Single Sign-On 7.4.6 security update on RHEL 8 (Low) (RHSA-2021:0969)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0969 advisory. Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-o...

5.4CVSS6.6AI score0.02142EPSS
Exploits0References8
ibm
ibm
added 2021/02/10 4:50 p.m.32 views

Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with a cross-site scripting vulnerability (CVE-2020-7676)

Summary The web server in IBM Security Verify Information Queue ISIQ uses an older version of the angular.js package that has a cross-site scripting vulnerability. As of v10.0.0, ISIQ has upgraded to a newer, secure version of angular.js. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION:...

5.4CVSS0.8AI score0.02142EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/01/06 1:23 p.m.50 views

Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability (CVE-2020-7676)

Summary IBM MQ Appliance has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject...

5.4CVSS1.1AI score0.02142EPSS
Exploits0Affected Software1
redhat
redhat
added 2020/11/30 2:12 p.m.79 views

Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container

Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container Fixed two jQuery vulnerabilities CVE-2020-11022, CVE-2020-11023 Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTPs requests by default Updated several dependencies of Ansible Tower's User Interface to...

9.8CVSS6.8AI score0.99019EPSS
Exploits13References3
vulnersosv
vulnersosv
added 2020/06/18 2:19 p.m.4 views

@amitport/useful (>=0.5.0 <=0.5.2), @arivazhagan/demo-project (=1.0.1) +1011 more potentially affected by CVE-2020-7676 via angular (>=0.0.1 <=1.7.9)

angular NPM version =0.0.1, =0.5.0, =0.0.8, =2.3.0, =1.5.8, =2.8.3-2, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.2.24, =0.0.1, =0.0.1, =0.0.5, =0.1.7 and more Source cves: CVE-2020-7676 Source advisory: OSV:GHSA-MHP6-PXH8-R675...

5.4CVSS6.7AI score0.02142EPSS
Exploits0
nvd
nvd
added 2020/06/08 2:15 p.m.21 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.4CVSS6.2AI score0.02142EPSS
Exploits0References12
osv
osv
added 2020/06/08 2:15 p.m.34 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.4CVSS6.1AI score
Exploits0References12
ubuntucve
ubuntucve
added 2020/06/08 2:15 p.m.58 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.4CVSS5.7AI score0.02142EPSS
Exploits0References2
debiancve
debiancve
added 2020/06/08 1:34 p.m.46 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.4CVSS5.4AI score0.02142EPSS
Exploits0
cvelist
cvelist
added 2020/06/08 1:34 p.m.30 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.8AI score0.02142EPSS
Exploits0References12
cve
cve
added 2020/06/08 1:34 p.m.528 views

CVE-2020-7676

CVE-2020-7676 is an AngularJS XSS vulnerability. AngularJS prior to 1.8.0 allows cross-site scripting due to regex-based HTML sanitization that may revert to unsanitized code; wrapping option elements in select can alter parsing and lead to unsanitized content being rendered. Connected documents ...

5.4CVSS5.4AI score0.02142EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder