Open mend-bolt-for-github[bot] opened 1 year ago
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.8.0.tgz
Path to dependency file: /package.json
Path to vulnerable library: /package.json
Dependency Hierarchy: - :x: **angular-1.8.0.tgz** (Vulnerable Library)
Found in HEAD commit: a1c271764655c7e3ff81126d5929b8dda6170bf4
Found in base branch: datasource-meta
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Publish Date: 2022-07-15 URL: CVE-2022-25869
Publish Date: 2022-07-15
URL: CVE-2022-25869
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
Step up your Open Source Security Game with Mend here
CVE-2022-25869 - Medium Severity Vulnerability
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.8.0.tgz
Path to dependency file: /package.json
Path to vulnerable library: /package.json
Dependency Hierarchy: - :x: **angular-1.8.0.tgz** (Vulnerable Library)
Found in HEAD commit: a1c271764655c7e3ff81126d5929b8dda6170bf4
Found in base branch: datasource-meta
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Step up your Open Source Security Game with Mend here