CVE-2022-25869 PoC — Angular 跨站脚本漏洞

Source

https://github.com/neverendingsupport/angularjs-poc-cve-2022-25869

Associated Vulnerability

Title:Angular 跨站脚本漏洞 (CVE-2022-25869)
Description:Angular是一个开发平台。用于使用 Typescript / JavaScript 和其他语言构建移动和桌面 Web 应用程序。 Angular 所有版本存在安全漏洞，该漏洞源于Internet Explorer 浏览器中的不安全页面缓存允许插入textarea 元素。

Description

A minimal reproduction of an AngularJS <textarea> XSS vulnerability on IE (tracked as CVE-2022-25869).

Readme

# About

This is a minimal Proof-Of-Concept for an AngularJS `<textarea>` XSS vulnerability affecting Internet Explorer ([CVE-2022-25869](https://www.cve.org/CVERecord?id=CVE-2022-25869)).

You can see it live at <https://neverendingsupport.github.io/angularjs-poc-cve-2022-25869>.

File Snapshot


 [4.0K]  /data/pocs/ff3b87ed0da7bdcfddda13dc109c2a04b289b3fe
├── [1.7K]  index.html
├── [1.0K]  LICENSE
├── [ 655]  other.html
└── [ 282]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!