AngularJS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-7676 - Vulnerability Database

AngularJS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-7676

Medium
Reference: CVE-2020-7676
Title: AngularJS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping quotltoptiongtquot elements in quotltselectgtquot ones changes parsing behavior leading to possibly unsanitizing code.