Skip to main content

Angular Framework CVE-2026-50557

| EUVDEUVD-2026-38257 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-06-15 https://github.com/angular/angular GHSA-f3m7-gqxr-g87x
5.3
CVSS 4.0 · Vendor: https://github.com/angular/angular
Share

Severity by source

Vendor (https://github.com/angular/angular) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.7 MEDIUM

AC:H reflects the three required non-default preconditions; S:C and UI:R reflect classic stored/reflected XSS impact on a third-party victim browser; PR:N because the attacker does not need credentials to the Angular application itself.

3.1 AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (https://github.com/angular/angular).

CVSS VectorVendor: https://github.com/angular/angular

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

3
CVSS changed
Jun 22, 2026 - 16:52 NVD
5.3 (MEDIUM)
Source Code Evidence Fetched
Jun 15, 2026 - 17:57 vuln.today
Analysis Generated
Jun 15, 2026 - 17:57 vuln.today

DescriptionCVE.org

An issue in the @angular/compiler and @angular/core packages allows bypassing element and attribute sanitization/validation through specific namespace workarounds.

Specifically, namespaced script elements (e.g., <svg:script> or <:svg:script>) were not properly identified as script elements by the Angular template preparser, allowing them to pass through template compilation without being stripped.

Furthermore, security context schema mappings for element attributes did not consistently handle attributes within namespaced elements (like SVG and MathML), opening up gaps where malicious namespaced attributes could bypass runtime and compile-time sanitizers.

Combined, these flaws enable an attacker who can inject or supply a template/tag structure with custom namespaces to bypass Angular's script-stripping logic and attribute sanitizers, leading to client-side Cross-Site Scripting (XSS).

Impact

Any Angular application that compiles user-controlled templates at runtime, or relies on sanitization of namespaced elements/attributes, is vulnerable to this security bypass.

Once exploited, this allows a malicious actor to inject a namespaced script element or dynamic attribute bindings, bypassing core sanitization constraints to execute arbitrary JavaScript within the target user's browser context. This could lead to session hijacking, sensitive data exposure, or unauthorized actions on behalf of the user.

Attack Preconditions

To successfully exploit these vulnerabilities, the following environment parameters and application states must all concurrently exist:

  1. User-Controlled Template Input: The application must accept user-controlled inputs that are directly processed by the Angular template compiler at runtime.
  2. Namespace Parsing Support: The input structure must employ custom namespace prefixes (such as <svg:script>) to evade standard tag-name blocklists/checks.
  3. Absence of Additional Context Sanitization: The application does not perform separate input sanitization before feeding values to the Angular compiler.

Patches

  • 22.0.0-rc.2
  • 21.2.15
  • 20.3.22
  • 19.2.23

AnalysisAI

Cross-site scripting execution is possible in Angular applications (@angular/compiler and @angular/core) through a dual-bypass of the framework's template sanitization engine using XML namespace prefixes. The Angular template preparser used a simple string comparison for 'script' that failed to match namespaced representations such as ':svg:script', allowing those elements to survive template compilation unstripped. Concurrently, the security context schema mappings for namespaced SVG and MathML attributes were incomplete, allowing malicious attribute bindings to evade both compile-time and runtime sanitizers. No public exploit has been identified at time of analysis, and exploitation requires the specific non-default deployment condition of runtime JIT template compilation with user-controlled input.

Technical ContextAI

The vulnerability resides in two cooperating Angular packages: @angular/compiler (CPE: pkg:npm/@angular_compiler) and @angular/core (CPE: pkg:npm/@angular_core). In packages/compiler/src/template_parser/template_preparser.ts, SCRIPT_ELEMENT was a plain string literal 'script', causing the identity check to miss Angular's internal canonical form ':svg:script' used when a browser-namespace prefix is present. The fix widens this to a Set including ':svg:script'. In packages/compiler/src/schema/dom_security_schema.ts and packages/core/src/sanitization/sanitization.ts, SVG script element attributes (src, href, xlink:href) were registered under RESOURCE_URL security context but not consistently applied to namespaced forms, creating a gap through which arbitrary URL-valued attributes could escape sanitization. The root cause class is CWE-79 (Improper Neutralization of Input During Web Page Generation), arising from incomplete allowlist/blocklist coverage when XML namespace prefixes are prepended to otherwise-dangerous element names. A secondary logic bug was also fixed in sanitization_spec.ts: a boolean short-circuit error (SecurityContext.URL || SecurityContext.RESOURCE_URL instead of context === ...) caused security context checks to be trivially bypassed.

RemediationAI

Vendor-released patches are available; upgrade @angular/core and @angular/compiler to one of the following fixed versions: 19.2.22 or 19.2.23 (verify exact v19 fix version against npm for your minor branch), 20.3.22, 21.2.15, or 22.0.0-rc.2. Both packages must be upgraded together as the fixes span compiler and runtime components. The patch PRs are https://github.com/angular/angular/pull/68689 and https://github.com/angular/angular/pull/68868. If an immediate upgrade is not feasible, the most effective compensating control is to disable or remove any code path that passes user-controlled strings into Angular's JIT compiler (e.g., uses of JitCompilerFactory, platformBrowserDynamic with dynamic templates, or eval-equivalent template rendering APIs) - this eliminates the attack surface entirely and has no side effects on AOT-compiled code. If runtime template compilation is a required product feature, implement server-side allowlist filtering of namespace-prefixed tag names (rejecting any input containing 'svg:', 'math:', or ':svg:' prefixes) before passing content to the Angular compiler. Note that client-side pre-filtering alone is insufficient as a control, as it can be bypassed directly via API calls.

Share

CVE-2026-50557 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy