Vulnerabilities > Angularjs > Angular JS > 1.2.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-08 | CVE-2020-7676 | Cross-site Scripting vulnerability in Angularjs Angular.Js angular.js prior to 1.8.0 allows cross site scripting. | 5.4 |
2020-01-02 | CVE-2019-14863 | Cross-site Scripting vulnerability in multiple products There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | 4.3 |
2019-11-19 | CVE-2019-10768 | Unspecified vulnerability in Angularjs Angular.Js In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. | 7.5 |