Security
Headlines

Headlines Latest CVEs

Headline

GHSA-7h4w-6p98-r3wx: textAngular Cross-site Scripting vulnerability

textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.

1 year ago

#xss #vulnerability #js #git

textAngular Cross-site Scripting vulnerability

Moderate severity GitHub Reviewed Published Feb 21, 2023 to the GitHub Advisory Database • Updated Feb 22, 2023

Related news

CVE-2021-32854: GHSL-2021-1001: Copy-paste XSS in textAngular text editor - CVE-2021-32854

textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.

1 year ago

#xss #js #git #chrome

ghsa: Latest News

GHSA-5jfw-gq64-q45f: HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through

17 hours ago

GHSA-hrxh-9w67-g4cv: Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

18 hours ago

GHSA-m5vv-7jxc-8p6x: Redaxo Core CMS Cross Site Scripting (XSS)

20 hours ago

GHSA-p7f6-8mcm-fwv3: Statamic CMS has a Path Traversal in Asset Upload

20 hours ago

GHSA-2x2g-32r7-p4x8: Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider

1 day ago