CVE-2020-7676

State: PUBLISHED · Published: 2020-06-08 · Updated: 2024-08-04 · Assigner: snyk

Description

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

CWE

(none)

Affected

n/a / angular.js — v=All versions prior to 1.8.0 [affected]

CVSS

(none)

References

https://github.com/angular/angular.js/pull/17028%2C x_refsource_MISC
https://snyk.io/vuln/SNYK-JS-ANGULAR-570058 x_refsource_MISC
https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1%40%3Cozone-commits.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a%40%3Cozone-issues.hadoop.apache.org%3E mailing-list, x_refsource_MLIST

Source

cvelistV5-main/cves/2020/7xxx/CVE-2020-7676.json