416 matches found
CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers
Svelte performance oriented web framework. Prior to version 5.53.5, errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError. Version 5.53.5 fixes the...
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`
Svelte performance oriented web framework. Prior to version 5.53.5, the contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped. This could enable HTML injection and Cross-Site Scripting XSS if rendering untrusted data as the binding's initial value o...
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`
Svelte performance oriented web framework. Prior to version 5.53.5, the contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped. This could enable HTML injection and Cross-Site Scripting XSS if rendering untrusted data as the binding's initial value o...
CVE-2026-27901
CVE-2026-27901 affects Svelte (SSR) via contenteditable bindings: in versions prior to 5.53.5, bind:innerText and bind:textContent on contenteditable elements were not properly escaped, allowing HTML injection and XSS when untrusted data is rendered as the binding’s initial server-side value. The...
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`
Svelte performance oriented web framework. Prior to version 5.53.5, the contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped. This could enable HTML injection and Cross-Site Scripting XSS if rendering untrusted data as the binding's initial value o...
@adel-t/angular-ssr (>=1.0.0 <=1.0.2), @angularexpert/my-workspace (=0.0.0) +61 more potentially affected by CVE-2026-27739 via @angular/ssr (>=17.0.5 <=19.2.19)
@angular/ssr NPM version =17.0.5, =1.0.0, =3.1.1-0, =1.0.0, =0.0.1, =0.0.1, =19.3.0, =0.30.0, =0.30.0, =19.0.0-alpha.20, =0.1.0, =8.0.0, =8.0.2 and more Source cves: CVE-2026-27739 Source advisory: OSV:GHSA-X288-3778-4HHX...
Server-side Request Forgery (SSRF)
Overview @angular/ssr is a the Angular server side rendering utilities. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the request handling pipeline due to improper validation of user-controlled HTTP headers such as Host and X-Forwarded-. An attacker can...
create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27739 via @angular/ssr (=21.1.2)
@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27739 Source advisory: OSV:GHSA-X288-3778-4HHX...
Angular SSR has an Open Redirect via X-Forwarded-Prefix
An Open Redirect vulnerability exists in the internal URL processing logic in Angular SSR. The logic normalizes URL segments by stripping leading slashes; however, it only removes a single leading slash. When an Angular SSR application is deployed behind a proxy that passes the X-Forwarded-Prefix...
GHSA-XH43-G2FQ-WJRJ Angular SSR has an Open Redirect via X-Forwarded-Prefix
An Open Redirect vulnerability exists in the internal URL processing logic in Angular SSR. The logic normalizes URL segments by stripping leading slashes; however, it only removes a single leading slash. When an Angular SSR application is deployed behind a proxy that passes the X-Forwarded-Prefix...
@cosla/sensemaking-web-ui (>=1.0.5 <=1.0.8), @manniwatch/client-desktop (>=0.30.0 <=0.30.1) +2 more potentially affected by CVE-2026-27738 via @angular/ssr (>=19.0.5 <=19.2.19)
@angular/ssr NPM version =19.0.5, =1.0.5, =0.30.0, =0.30.0, =19.0.0-alpha.20, =19.0.0-alpha.24 Source cves: CVE-2026-27738 Source advisory: SNYK:JS-ANGULARSSR-15357598...
EUVD-2026-8687
Angular SSR has an Open Redirect via X-Forwarded-Prefix...
CVE-2026-27738
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739
CVE-2026-27739 affects Angular SSR, with an SSRF vulnerability in the request handling pipeline. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 allow unvalidated Host and X-Forwarded-* headers to influence base-origin URL construction, enabling arbitrary internal request steering via...
CVE-2026-27739
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27738 Angular SSR has an Open Redirect via X-Forwarded-Prefix
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27738
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...