icon

We found results for “

WS-2016-0055

Good to know:

Date: July 21, 2016

"Angular is HTML enhanced for web apps.The sandbox (while not a security feature) is supposed to error on access to constructor properties. In its current state it is trivial to bypass.The expected behavior is that the sandbox would throw an 'Assigning to constructor is disallowed' error."

Language: JS

Severity Score

Severity Score

Weakness Type (CWE)

Authentication Bypass by Assumed-Immutable Data

CWE-302

Top Fix

icon

Upgrade Version

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): NONE

Do you need more information?

Contact Us