Arbitrary Code Execution Affecting org.webjars.bower:angular package, versions [,1.3.0)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-JAVA-ORGWEBJARSBOWER-479436
- published 23 Jan 2017
- disclosed 7 Jun 2014
- credit Jann Horn
How to fix?
Upgrade org.webjars.bower:angular to version 1.3.0 or higher.
Overview
org.webjars.bower:angular is a bower WebJar for angular.
Affected versions of this package are vulnerable to Arbitrary Code Execution. $parse allowed arbitrary code execution via Angular expressions under some very specific conditions. The only applications affected by these vulnerabilities are those that match all of the following conditions:
- Application mixes server-side and client-side templating
- The server-side templating contains XSS vulnerabilities
- The vulnerabilities in the server-side templating are being guarded by server-side XSS filters or on the client-side via CSP
- The server-side XSS vulnerabilities can be used to augment the client-side template processed by Angular Applications not meeting all of the conditions are not vulnerable.
References
CVSS Scores
version 3.1