CVE-2021-32854

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-32854

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32854.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-32854

Aliases

GHSA-7h4w-6p98-r3wx

Published

2023-02-21T15:15:10Z

Modified

2025-07-29T09:56:16.233796Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.

References

https://securitylab.github.com/advisories/GHSL-2021-1001-textAngular/

Affected packages

Git / github.com/textangular/textangular

Affected ranges

Type: GIT
Repo: https://github.com/textangular/textangular
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e9f48cfc40bdc69112ab1a04b50691e892fd016c

Affected versions

1.*

1.1.0

v1.*

v1.1.0

v1.1.1

v1.1.2

v1.1.2-alpha

v1.1.2-pre2

v1.1.2-pre3

v1.2.0

v1.2.0-pre1

v1.2.0-pre2

v1.2.1

v1.2.1-pre1

v1.2.1-pre2

v1.2.1-pre3

v1.2.1-pre4

v1.2.1-pre5

v1.2.1-pre6

v1.2.2

v1.3.0

v1.3.0-16

v1.3.0-17

v1.3.0-18

v1.3.0-19

v1.3.0-20

v1.3.0-21

v1.3.0-22

v1.3.0-23

v1.3.0-pre1

v1.3.0-pre10

v1.3.0-pre11

v1.3.0-pre12

v1.3.0-pre13

v1.3.0-pre14

v1.3.0-pre15

v1.3.0-pre2

v1.3.0-pre3

v1.3.0-pre4

v1.3.0-pre5

v1.3.0-pre6

v1.3.0-pre7

v1.3.0-pre8

v1.3.0-pre9

v1.3.1

v1.3.10

v1.3.11

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.5.0

v1.5.1

v1.5.10

v1.5.11

v1.5.12

v1.5.13

v1.5.14

v1.5.15

v1.5.16

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.6-0

v1.5.7

v1.5.8

v1.5.9