Lucene search
Veracode Vulnerability DatabaseVERACODE:35734HistoryMay 27, 2022 - 4:47 a.m.
Cross-Site Scripting (XSS)
2022-05-2704:47:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
33.0%
@angular/core is vulnerable to cross-site scripting. The vulnerability exists in few methods due to not escaping the comment text which allows an attacker to inject and execute arbitrary javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @angular/core | le | 11.0.4 | |
| @angular/core | le | 11.1.0-next.2 | |
| @angular/core | le | 11.0.4 | |
| @angular/core | le | 11.1.0-next.2 |
Related
gitlab
gitlab
Cross site scripting in Angular
2022-05-27 00:00:00
nvd
nvd
CVE-2021-4231
2022-05-26 14:15:07
cvelist
cvelist
CVE-2021-4231 Angular Comment cross site scripting
2022-05-26 07:10:14
osv
osv
CVE-2021-4231
2022-05-26 14:15:07
Cross site scripting in Angular
2022-05-27 00:01:08
github
github
Cross site scripting in Angular
2022-05-27 00:01:08
redhatcve
redhatcve
CVE-2021-4231
2022-06-07 02:28:18
prion
prion
Cross site scripting
2022-05-26 14:15:00
cve
cve
CVE-2021-4231
2022-05-26 14:15:07
nessus
nessus
RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:3623)
2023-06-15 00:00:00
RHEL 9 : gjs (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : gjs (Unpatched Vulnerability)
2024-06-03 00:00:00
redhat
redhat
