Vulnerabilities > Angularjs > Angular JS > 0.9.3

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-8373 Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue.
network
low complexity
angularjs netapp
4.3
4.3
2020-06-08 CVE-2020-7676 Cross-site Scripting vulnerability in Angularjs Angular.Js
angular.js prior to 1.8.0 allows cross site scripting.
network
low complexity
angularjs CWE-79
5.4
5.4
2019-11-19 CVE-2019-10768 Unspecified vulnerability in Angularjs Angular.Js
In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.
network
low complexity
angularjs
7.5
7.5