CVE-2022-25869

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-25869

CGA ID

CGA-pgvf-636c-g5c2

Severity

6.1

Medium

CVSS V3

Description

All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements.

References

https://images.chainguard.dev/security/CGA-pgvf-636c-g5c2
https://github.com/advisories/GHSA-prc3-vjfx-vhm9
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782
https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781
https://glitch.com/edit/%23%21/angular-repro-textarea-xss
https://security-tracker.debian.org/tracker/CVE-2022-25869

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2022-25869

Severity

Description

References

Affected packages

Product

Why Chainguard

Customers

Company

Resources