CVE-2025-66412
- EPSS 0.05%
- Veröffentlicht 01.12.2025 22:35:59
- Zuletzt bearbeitet 02.12.2025 17:16:29
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the An...
CVE-2025-66035
- EPSS 0.07%
- Veröffentlicht 26.11.2025 22:18:35
- Zuletzt bearbeitet 01.12.2025 15:39:33
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HT...
CVE-2025-61261
- EPSS 0.04%
- Veröffentlicht 07.11.2025 00:00:00
- Zuletzt bearbeitet 12.11.2025 16:20:22
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
CVE-2025-59052
- EPSS 0.05%
- Veröffentlicht 10.09.2025 20:13:56
- Zuletzt bearbeitet 11.09.2025 17:14:10
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For...
CVE-2021-4231
- EPSS 1.34%
- Veröffentlicht 26.05.2022 14:15:07
- Zuletzt bearbeitet 20.11.2025 20:45:30
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might re...