CVE-2022-25844: In 1.7.0, the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre can be set to a very high value.
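
A defensive check for the case described above, as an added example (not code from AngularJS or from the original page): it audits a custom locale object before it is registered and reports any number-format affix that is not a short string. The function name, the 16-character limit and the sample locales are assumptions made for illustration.

```javascript
// Added example: pre-registration audit of a custom AngularJS locale object.
// MAX_AFFIX_LENGTH is an assumed policy limit, not a value defined by AngularJS.
const MAX_AFFIX_LENGTH = 16;
const AFFIX_FIELDS = ['posPre', 'posSuf', 'negPre', 'negSuf'];

// Returns a list of findings; an empty list means the locale passed the check.
function auditLocaleAffixes(locale, maxLen = MAX_AFFIX_LENGTH) {
  const patterns = locale && locale.NUMBER_FORMATS && locale.NUMBER_FORMATS.PATTERNS;
  if (!Array.isArray(patterns)) {
    return [{ path: 'NUMBER_FORMATS.PATTERNS', problem: 'missing or not an array' }];
  }
  const findings = [];
  patterns.forEach((pattern, i) => {
    for (const field of AFFIX_FIELDS) {
      const path = `NUMBER_FORMATS.PATTERNS[${i}].${field}`;
      const value = pattern == null ? undefined : pattern[field];
      if (typeof value !== 'string') {
        findings.push({ path, problem: 'not a string' });
      } else if (value.length > maxLen) {
        findings.push({ path, problem: `length ${value.length} exceeds ${maxLen}` });
      }
    }
  });
  return findings;
}

// Constructed sample locales; the shape follows $locale.NUMBER_FORMATS.
const okLocale = { NUMBER_FORMATS: { PATTERNS: [
  { posPre: '', posSuf: '', negPre: '-', negSuf: '' },
  { posPre: '\u00a4', posSuf: '', negPre: '-\u00a4', negSuf: '' },
] } };
// 64 spaces stand in for an oversized posPre value.
const paddedLocale = { NUMBER_FORMATS: { PATTERNS: [
  okLocale.NUMBER_FORMATS.PATTERNS[0],
  { posPre: ' '.repeat(64), posSuf: '', negPre: '-\u00a4', negSuf: '' },
] } };

console.log(auditLocaleAffixes(okLocale));     // no findings
console.log(auditLocaleAffixes(paddedLocale)); // one finding, for PATTERNS[1].posPre
```

Reject or log the locale whenever the returned list is non-empty, and tune the limit to the longest affix your supported locales legitimately use.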

It has been reported that the 1.7.1 and 1.7.2 versions are not vulnerable. Therefore, these versions are still recommended as they have already been fixed. Angular versions 1.6.0 to 1.7.2 are vulnerable to an XSS (Cross-Site Scripting) issue via the injected value of the document.currentScript property. This can be exploited to run arbitrary JavaScript within the context of an authenticated user. The issue arises from the fact that the document.currentScript property is defined on any DOM node and not just the Window object as it normally would be. This means that if an application loads a malicious script from an untrusted source, it could be executed by the user, allowing for an XSS attack.

Solution

The affected versions of Angular have been fixed in the following release: 1.7.3
Therefore, if you are using the vulnerable versions, it is recommended to upgrade to the latest version.

Summary

Angular versions 1.6.0 to 1.7.2 are vulnerable to an XSS (Cross-Site Scripting) issue via the injected value of the document.currentScript property. This can be exploited to run arbitrary JavaScript within the context of an authenticated user. The issue arises from the fact that the document.currentScript property is defined on any DOM node and not just the Window object as it normally would be. This means that if an application loads a malicious script from an untrusted source, it could be executed by the user, allowing for an XSS attack.
