Description
textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.
Remediation
References
https://securitylab.github.com/advisories/GHSL-2021-1001-textAngular/
Related Vulnerabilities
CVE-2022-4640 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2020-12725 Vulnerability in npm package redash
CVE-2021-37695 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2021-21293 Vulnerability in maven package org.http4s:blaze-core_2.11
CVE-2020-17527 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core