CVE-2022-25869 (Medium) detected in angularjs-1.4.3.jar #194

mend-for-github-com · 2023-05-08T14:43:11Z

CVE-2022-25869 - Medium Severity Vulnerability

Vulnerable Library - angularjs-1.4.3.jar

WebJar for AngularJS

Library home page: http://webjars.org

Path to dependency file: /pom.xml

Path to vulnerable library: /epository/org/webjars/angularjs/1.4.3/angularjs-1.4.3.jar

Dependency Hierarchy:

❌ angularjs-1.4.3.jar (Vulnerable Library)

Found in HEAD commit: 1d4a86820b5ccc9e51b82198be488c68e9299e40

Found in base branch: master

Vulnerability Details

All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.

Publish Date: 2022-07-15

URL: CVE-2022-25869

CVSS 3 Score Details (6.1)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None

For more information on CVSS3 Scores, click here.

mend-for-github-com bot added the Mend: dependency security vulnerability Security vulnerability detected by WhiteSource label May 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2022-25869 (Medium) detected in angularjs-1.4.3.jar #194

CVE-2022-25869 (Medium) detected in angularjs-1.4.3.jar #194

mend-for-github-com bot commented May 8, 2023

CVE-2022-25869 (Medium) detected in angularjs-1.4.3.jar #194

CVE-2022-25869 (Medium) detected in angularjs-1.4.3.jar #194

Comments

mend-for-github-com bot commented May 8, 2023

CVE-2022-25869 - Medium Severity Vulnerability