CVE-2025-66035

EPSS 0.07%
Veröffentlicht 26.11.2025 22:18:35
Zuletzt bearbeitet 01.12.2025 15:39:33
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellerangular

≫

Produkt angular

Version >= 21.0.0-next.0, < 21.0.1

Status affected

Version >= 20.0.0-next.0, < 20.3.14

Status affected

Version < 19.2.16

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.205

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	7.7	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-201 Insertion of Sensitive Information Into Sent Data

The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37

https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f

https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc

https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e

https://github.com/angular/angular/releases/tag/19.2.16

https://github.com/angular/angular/releases/tag/20.3.14

https://github.com/angular/angular/releases/tag/21.0.1

https://nvd.nist.gov/vuln/detail/CVE-2025-66035

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-66035

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-66035

EUVD