CVE-2017-16009

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-16009

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16009.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-16009

Aliases

GHSA-wfw3-rgfr-6g67

Published

2018-06-04T19:29:00.727Z

Modified

2025-11-20T10:41:35.697782Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.

References

Affected packages

Git / github.com/ag-grid/ag-grid

Affected ranges

Type: GIT
Repo: https://github.com/ag-grid/ag-grid
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4c2be853b1b8475a354dc15bcc40c94b4b14f02d

Affected versions

1.*

1.0

1.1

1.10.0

1.10.1

1.11.0

1.11.1

1.12.0

1.12.1

1.12.2

1.12.3

1.12.4

1.12.5

1.12.6

1.12.7

1.12.8

1.13.0

1.14.0

1.14.1

1.15.0

1.15.1

1.16.0

1.16.1

1.2

1.3

1.4

1.4.1

1.5.0

1.6.0

1.7.0

1.8.0

1.8.1

1.9.0

1.9.1

1.9.2

10.*

10.0.0

10.0.1

10.1.0

11.*

11.0.0

12.*

12.0.0

12.0.1

12.0.2

13.*

13.0.0

13.0.1

13.0.2

13.1.0

13.1.1

13.1.2

13.2.0

13.3.0

13.3.1

14.*

14.0.0

14.1.0

14.1.1

14.2.0

15.*

15.0.0

16.*

16.0.0

16.0.1

17.*

17.0.0

17.1.0

17.1.1

18.*

18.0.0

18.0.1

18.1.0

18.1.1

18.1.2

19.*

19.0.0

19.0.1

19.1.1

19.1.2

19.1.3

2.*

2.0.0

2.0.1

2.1.0

2.1.1

2.1.2

2.1.3

2.2.0

2.3.0

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7

3.*

3.0.0

3.1.0

3.1.1

3.1.2

3.2.0

3.2.1

3.2.2

3.3.0

3.3.0-alpha.1

3.3.1

3.3.2

3.3.3

4.*

4.0.0

4.0.1

4.0.2

4.0.3

4.0.4

4.0.5

4.1.0

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.2.0

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

5.*

5.0.0

5.0.0-alpha.0

5.0.0-alpha.1

5.0.0-alpha.3

5.0.0-alpha.4

5.0.0-alpha.5

5.0.0-alpha.6

5.0.1

5.0.2

5.0.3

5.0.4

5.0.5

5.0.6

5.0.7

5.1.1

5.1.2

5.2.0

5.3.0

5.3.1

5.4.0

6.*

6.0.0

6.0.1

6.1.0

6.2.0

6.2.1

6.3.0

6.4.0

6.4.1

6.4.2

7.*

7.0.0

7.0.2

7.1.0

7.2.0

7.2.1

7.2.2

8.*

8.0.0

8.0.1

8.1.0

8.1.1

8.2.0

9.*

9.0.0

9.0.2

9.0.4

9.1.0

v25.*

v25.2.0

v26.*

v26.0.0

v26.1.0

v26.2.0

vDocs-25.*

vDocs-25.1.0-20210309

vDocs-25.1.0-20210310

vDocs-25.2.0-20210430

vDocs-25.3.0-20210527

vDocs-26.*

vDocs-26.0.0-20210818

vDocs-26.1.0-20211001

vDocs-26.1.0-20211013

vDocs-26.2.0-20211117

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16009.json"