VYPR
Low severityNVD Advisory· Published Sep 9, 2024· Updated Nov 3, 2025

AngularJS improper sanitization in '<source>' element

CVE-2024-8373

Description

Improper sanitization of the value of the [srcset] attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .

This issue affects all versions of AngularJS.

Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
angularnpm
<= 1.8.3

Affected products

6

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.