DEBIAN-CVE-2020-7676

DEBIAN-CVE-2020-7676 PUBLISHED CVSS 5.400000095367432 MEDIUM

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

Risk Scores

CVSS v3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:13	angular.js	0, 0, 0
Debian:12	angular.js	0, 0, 0
Debian:11	angular.js	0, 0, 0
Debian:14	angular.js	0, 0, 0

Timeline

Jun 8, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-7676 advisory

Open in Interactive Console →