XSS in Angular
CVE-2026-50556
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting (XSS) vulnerability exists in @…
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Angular — versions >= 22.0.0-next.0, < 22.0.0-rc.2, >= 21.0.0-next.0, < 21.2.16, >= 20.0.0-next.0, < 20.3.24
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)