{"id":"CVE-2022-25869","details":"All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of \u003ctextarea\u003e elements.","aliases":["GHSA-prc3-vjfx-vhm9"],"modified":"2026-03-13T05:38:06.866779Z","published":"2022-07-15T20:15:08.487Z","related":["CGA-vrq8-v55v-jpvp","SNYK-JAVA-ORGWEBJARSBOWER-2949783","SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784","SNYK-JAVA-ORGWEBJARSNPM-2949782","SNYK-JS-ANGULAR-2949781"],"references":[{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781"},{"type":"WEB","url":"https://neverendingsupport.github.io/angularjs-poc-cve-2022-25869"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJS-10771617"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783"},{"type":"WEB","url":"https://glitch.com/edit/%23%21/angular-repro-textarea-xss"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJSCORE-6084031"},{"type":"WEB","url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25869.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}