Описание
XSS via Angular Expression in ag-grid
Affected versions of ag-grid are vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if used in combination with AngularJS.
Recommendation
Avoid using ag-grid in combination with AngularJS until a fix is available.
Пакеты
Наименование
ag-grid
npm
Затронутые версииВерсия исправления
<= 18.1.3-beta.1
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 7 лет назад
ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.