CVE-2024-33665

Published: Apr 26, 2024

Modified: Oct 29, 2024

PUBLISHED

Description

angular-translate through 2.19.1 allows XSS via a crafted key that is used by the translate directive. NOTE: the vendor indicates that there is no documentation indicating that a key is supposed to be safe against XSS attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/angular-translate/angular-translate/issues/1418

https://stackblitz.com/github/neverendingsupport/angular-translate-xss-2024?file=public%2Findex.html

http://docs.herodevs.com/docs/2024-Angular-Translate-XSS

https://github.com/angular-translate/angular-translate/issues/1418#issuecomment-252498855

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-33665

Description

Affected Products

References