GHSA-W67G-2H6V-VJGQ Phlex XSS protection bypass via attribute splatting, dynamic tags, and href values

Impact During a security audit conducted with Claude Opus 4.6 and GPT-5.3-Codex, we identified three specific ways to bypass the XSS cross-site-scripting protection built into Phlex. 1. The first bypass could happen if user-provided attributes with string keys were splatted into HTML tag, e.g...

Cross-site Scripting (XSS)

Overview phlex is a high-performance view framework optimised for fun. Affected versions of this package are vulnerable to Cross-site Scripting XSS via attributes, tag names, and link values in HTML rendering. An attacker can execute scripts in the context of the user's browser by injecting...

Phlex XSS protection bypass via attribute splatting, dynamic tags, and href values

Impact During a security audit conducted with Claude Opus 4.6 and GPT-5.3-Codex, we identified three specific ways to bypass the XSS cross-site-scripting protection built into Phlex. 1. The first bypass could happen if user-provided attributes with string keys were splatted into HTML tag, e.g...

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

USN-7958-1 angular.js vulnerabilities

It was discovered that AngularJS did not properly sanitize certain xlink:href attributes. A remote attacker could possibly use this issue to perform cross site scripting. This issue only affected Ubuntu 16.04 LTS. CVE-2019-14863 It was discovered that AngularJS incorrectly handled certain regular...

CVE-2026-22610

A flaw was found in Angular. An attacker could exploit a cross-site scripting XSS vulnerability in the Angular Template Compiler due to improper sanitization of href and xlink:href attributes within SVG Mitigation This issue can be mitigating by avoiding the usage of dynamic bindings, this can be...

Cross-site Scripting (XSS)

Angular is vulnerable to cross-site scripting XSS. The vulnerability is due to Angular Template Compiler’s internal sanitization schema failing to recognize the href and xlink:href attributes of SVG...

Linux Distros Unpatched Vulnerability : CVE-2026-22610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18,...

CVE-2026-22610

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

DEBIAN-CVE-2026-22610

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

CVE-2026-22610

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

UBUNTU-CVE-2026-22610

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

CVE-2026-22610 Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

CVE-2026-22610 Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

Angular 跨站脚本漏洞

Angular is Angular open source a development platform . Used to build mobile and desktop Web applications using Typescript / JavaScript and other languages. A cross-site scripting vulnerability exists in Angular versions prior to 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0 that stems from an intern...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of SVG element attributes href and xlink:href when user-controlled data is bound to these attributes. An attacker can execute arbitrary JavaScript code in the victim's browser by supplying a...

Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

A Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG elements as a Resource URL context. In a standard security model,...

PT-2026-2230

Name of the Vulnerable Software and Affected Versions Angular versions prior to 19.2.18 Angular versions prior to 20.3.16 Angular versions prior to 21.0.7 Angular version 21.1.0-rc.0 Description Angular is a development platform for building mobile and desktop web applications using...

CVE-2019-12173

MacDown 0.7.1 870 allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...

Server-side Request Forgery (SSRF)

Astro is vulnerable to server-side request forgery SSRF. The vulnerability is due to improper image proxy domain validation, which allows an attacker to bypass restrictions using backslashes in the href parameter and trigger server-side requests to arbitrary URLs...