Cross-site Scripting (XSS)

2018-07-0607:22:49

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

50.1%

JSON

angular-redactor is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of user input that is used in an eval call.

CPENameOperatorVersion
angular-redactoreq1.1.4
angular-redactorle1.1.7
angular-redactorle1.1.6

Name	Operator	Version
angular-redactor	eq	1.1.4
angular-redactor	le	1.1.7
angular-redactor	le	1.1.6

References

github.com/gleez/cms/issues/796

github.com/TylerGarlick/angular-redactor/issues/77

0.001 Low

EPSS

Percentile

50.1%

JSON

Related for VERACODE:6976