CVE
CVE-2024-8372
| CVE ID |
CVE-2024-8372
|
|---|---|
| CVSS Score |
4.3
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
1.5.13
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
NVD Listing:- NVD - CVE-2024-8372
Bug Fixes
- ng-srcset: Addresses a Content Spoofing vulnerability and failure to sanitize image URLs set by $compileProvider.imgSrcSanitizationWhitelist().
This patch addresses the CVE-2024-8372 vulnerability, where users could bypass image source restrictions using ng-attr-src