XSS via Angular Expression

Module: ag-grid

Published: March 15th, 2017

Reported by: Gabrielle Bourdages

CVE-NONE

CWE-79

Vulnerable: <0.0.0
Patched: >0.0.0

Overview

Affected versions of ag-grid are vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if used in combination with AngularJS.

Remediation

Avoid using ag-grid in combination with AngularJS until a fix is available.

References

Issue #1287