Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-557A9BE7E8D06945005DD315D0F53695HistoryMay 27, 2022 - 12:00 a.m.
Cross site scripting in Angular
2022-05-2700:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
38
0.001 Low
EPSS
Percentile
33.0%
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm/@angular/core | lt | 11.0.5 | |
| npm/@angular/core | ge | 11.1.0-next.0 | |
| npm/@angular/core | le | 11.1.0-next.2 |
Related
nvd
nvd
CVE-2021-4231
2022-05-26 14:15:07
cvelist
cvelist
CVE-2021-4231 Angular Comment cross site scripting
2022-05-26 07:10:14
github
github
Cross site scripting in Angular
2022-05-27 00:01:08
osv
osv
CVE-2021-4231
2022-05-26 14:15:07
Cross site scripting in Angular
2022-05-27 00:01:08
veracode
veracode
Cross-Site Scripting (XSS)
2022-05-27 04:47:38
redhatcve
redhatcve
CVE-2021-4231
2022-06-07 02:28:18
cve
cve
CVE-2021-4231
2022-05-26 14:15:07
prion
prion
Cross site scripting
2022-05-26 14:15:00
nessus
nessus
RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:3623)
2023-06-15 00:00:00
RHEL 9 : gjs (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : gjs (Unpatched Vulnerability)
2024-06-03 00:00:00
redhat
redhat
