Textangular: Security Vulnerabilities
textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-02-21
Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-02-20