Nearsighted Prank Master
ag-grid

XSS via Angular Expression

Severity: moderate

Overview

Affected versions of ag-grid are vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if used in combination with AngularJS.

Remediation

Avoid using ag-grid in combination with AngularJS until a fix is available.

Vulnerable versions

Unaffected versions

2.0.0
3 years ago
2.0.1
3 years ago
2.1.0
3 years ago
2.1.1
3 years ago
2.1.2
3 years ago
2.1.3
3 years ago
2.2.0
3 years ago
2.3.0
3 years ago
2.3.1
3 years ago
2.3.2
3 years ago
2.3.3
3 years ago
2.3.4
3 years ago
2.3.5
3 years ago
2.3.6
3 years ago
2.3.7
3 years ago
3.0.0
3 years ago
3.1.0
3 years ago
3.1.1
3 years ago
3.1.2
3 years ago
3.2.0
3 years ago
3.2.1
3 years ago
3.2.2
3 years ago
3.3.0-alpha.1
3 years ago
3.3.0
3 years ago
3.3.2
3 years ago
3.3.3
3 years ago
4.0.0
2 years ago
4.0.2
2 years ago
4.0.3
2 years ago
4.0.4
2 years ago
4.0.5
2 years ago
4.1.0
2 years ago
4.1.1
2 years ago
4.1.2
2 years ago
4.1.3
2 years ago
4.1.4
2 years ago
4.1.5
2 years ago
4.2.0
2 years ago
4.2.1
2 years ago
4.2.2
2 years ago
4.2.4
2 years ago
4.2.5
2 years ago
4.2.6
2 years ago
4.2.7
2 years ago
5.0.0-alpha.0
2 years ago
5.0.0-alpha.2
2 years ago
5.0.0-alpha.3
2 years ago
5.0.0-alpha.4
2 years ago
5.0.0-alpha.5
2 years ago
5.0.0-alpha.6
2 years ago
5.0.0
2 years ago
5.0.1
2 years ago
5.0.2
2 years ago
5.0.3
2 years ago
5.0.4
2 years ago
5.0.5
2 years ago
5.0.6
2 years ago
5.0.7
2 years ago
5.1.0
2 years ago
5.1.2
2 years ago
5.2.0
2 years ago
5.3.0
2 years ago
5.3.1
2 years ago
5.4.0
2 years ago
6.0.0
2 years ago
6.0.1
2 years ago
6.1.0
2 years ago
6.2.0
2 years ago
6.2.1
2 years ago
6.3.0
2 years ago
6.4.0
2 years ago
6.4.1
2 years ago
6.4.2
2 years ago
7.0.0
2 years ago
7.0.2
2 years ago
7.1.0
2 years ago
7.2.0
2 years ago
7.2.1
2 years ago
7.2.2
2 years ago
8.0.0
2 years ago
8.0.1
2 years ago
8.1.0
a year ago
8.1.1
a year ago
8.2.0
a year ago
9.0.0
a year ago
9.0.2
a year ago
9.0.3
a year ago
9.1.0
a year ago
10.0.0
a year ago
10.0.1
a year ago
10.0.2-beta.1
a year ago
10.0.2-beta.2
a year ago
10.0.2-beta.3
a year ago
10.1.0
a year ago
11.0.0
a year ago
12.0.0
a year ago
12.0.1
a year ago
12.0.2
a year ago
13.0.0
a year ago
13.0.1
a year ago
13.0.2
a year ago
13.1.0
a year ago
13.1.1
a year ago
13.1.2
a year ago
13.2.0
a year ago
13.3.0
10 months ago
13.3.1
10 months ago
14.0.0
9 months ago
14.0.1
9 months ago
14.1.0
9 months ago
14.1.1
9 months ago
14.2.0
9 months ago
15.0.0
8 months ago
16.0.0
7 months ago
16.0.1
7 months ago
17.0.0
5 months ago
17.1.0
4 months ago
17.1.1
4 months ago
18.0.0
2 months ago
18.0.1
2 months ago
18.1.0
a month ago
18.1.1
a month ago
18.1.2-beta.1
22 days ago
18.1.2
21 days ago
18.1.3-beta.1
21 days ago

Advisory timeline

  1. Published

    Advisory published
    Mar 15th, 2017
  2. Reported

    Initial report by Gabrielle Bourdages
    Mar 15th, 2017