XSS via Angular Expression in ag-grid
Moderate severity
GitHub Reviewed
Published
Sep 1, 2020
to the GitHub Advisory Database
•
Updated Mar 24, 2023
Description
Published by the National Vulnerability Database
Jun 4, 2018
Reviewed
Aug 31, 2020
Published to the GitHub Advisory Database
Sep 1, 2020
Last updated
Mar 24, 2023
Affected versions of
ag-grid
are vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if used in combination with AngularJS.Recommendation
Avoid using
ag-grid
in combination with AngularJS until a fix is available.References