Cross-site Scripting (XSS)

Overview angularjs is a Affected versions of this package are vulnerable to Cross-site Scripting XSS. Browsers mutate attributes values such as javascript:alert1 when they are written to the DOM via innerHTML in various vendor specific ways. In Chrome CLICKME'; var innerHTML = h1.innerHTML;...