" elements in "" ones changes p…"/> " elements in "" ones changes p…"/> " elements in "" ones changes p…"/> Resolve ⌘K Tip. Type any identifier and press Enter to open its detail page. Hit ⌘K from anywhere to focus the bar. Open the full search in the app → V Sign in App›Search Console›CVE-2020-7676VDBCVE-2020-7676 CVE-2020-7676 PUBLISHED angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code. EPSS 0.56% · 68.8th percentile Risk Scores EPSS Score0.56%68.8th percentile Affected Products VendorProductVersions Ubuntu:Pro:20.04:LTSangular.js1.5.10-1, 1.7.9-1, 1.7.9-1ubuntu0.1~esm1Ubuntu:Pro:18.04:LTSangular.js0, 1.5.10-1, 1.5.10-1ubuntu0.1~esm1Ubuntu:Pro:16.04:LTSangular.js0, 1.2.28-1ubuntu2, 1.2.28-1ubuntu2+esm1 Timeline Jun 8, 2020 CVE PublishedApr 14, 2021 EPSS ScoreJun 23, 2021 EPSS ScoreAug 24, 2021 EPSS ScoreOct 26, 2021 EPSS ScoreFeb 28, 2022 EPSS ScoreMay 1, 2022 EPSS ScoreJul 3, 2022 EPSS ScoreSep 4, 2022 EPSS ScoreNov 6, 2022 EPSS ScoreJan 8, 2023 EPSS ScoreMar 7, 2023 EPSS Score References https://ubuntu.com/security/CVE-2020-7676 third-party-advisoryhttps://snyk.io/vuln/SNYK-JS-ANGULAR-570058 third-party-advisoryhttps://www.cve.org/CVERecord?id=CVE-2020-7676 third-party-advisory Open in Interactive Console → $ Console Community · 100/wk Open console ›
Tip. Type any identifier and press Enter to open its detail page. Hit ⌘K from anywhere to focus the bar.
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.
EPSS 0.56% · 68.8th percentile