Vulnerabilities (CVE)

Filtered by vendor Angularjs Subscribe

Filtered by product Angular.js

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7676	1 Angularjs	1 Angular.js	2020-10-09	3.5 LOW	5.4 MEDIUM
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.
CVE-2019-14863	2 Angularjs, Redhat	3 Angular.js, Decision Manager, Process Automation	2020-01-09	4.3 MEDIUM	6.1 MEDIUM
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.