VYPR

npm package

angular-sanitize

pkg:npm/angular-sanitize

Vulnerabilities (1)

  • CVE-2025-2336MedJun 4, 2025
    affected >= 1.3.1, <= 1.8.3

    Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/atta