{"containers":{"cna":{"metrics":[{"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"HIGH","exploitCodeMaturity":"PROOF_OF_CONCEPT","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P"}}],"credits":[{"value":"Michael Prentice","lang":"en"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"Cross-site Scripting (XSS)","lang":"en"}]}],"providerMetadata":{"orgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","shortName":"snyk","dateUpdated":"2025-07-28T09:59:04.148Z"},"descriptions":[{"value":"All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.","lang":"en"}],"references":[{"url":"https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781"},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782"},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783"},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784"},{"url":"https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJSCORE-6084031"},{"url":"https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJS-10771617"},{"url":"https://neverendingsupport.github.io/angularjs-poc-cve-2022-25869"}],"affected":[{"product":"angular","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"},{"product":"org.webjars.npm:angular","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"},{"product":"org.webjars.bower:angular","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"},{"product":"org.webjars.bowergithub.angular:angular","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"},{"product":"AngularJS.Core","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"},{"product":"angularjs","versions":[{"version":"0","lessThan":"*","status":"affected","versionType":"semver"}],"vendor":"n/a"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T04:49:44.328Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://glitch.com/edit/%23%21/angular-repro-textarea-xss"}]}]},"cveMetadata":{"assignerOrgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","assignerShortName":"snyk","cveId":"CVE-2022-25869","datePublished":"2022-07-15T20:02:02.727Z","dateReserved":"2022-02-24T00:00:00.000Z","dateUpdated":"2025-07-28T09:59:04.148Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}