Bug 2491419 (CVE-2026-50557)
| Summary: | CVE-2026-50557 @angular/compiler: @angular/core: Angular: Template and Attribute Namespace Sanitization Bypass (XSS) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | anujha, aschwart, asoldano, aszczucz, bbaranow, bdettelb, bmaxwell, boliveir, bstansbe, dlofthou, doconnor, drichtar, eglynn, ewittman, gotiwari, gparvin, istudens, ivassile, iweiss, janstey, jhorak, jjoyce, jpretori, jschluet, lchilton, lhh, mburns, mgarciac, mosmerov, mposolda, msvehla, mvyas, nipatil, nwallace, pantinor, pberan, pesilva, pjindal, pmackay, rhaigner, rhel-process-autobot, rkubis, rmartinc, rstancel, sfeifer, ssilvert, sthorger, teagle, thjenkin, vdosoudi, vmuzikar, watson-tool-maintainers |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Angular's @angular/compiler and @angular/core packages. Namespaced script elements were not properly identified by the template preparser, and security context schema mappings did not consistently handle attributes within namespaced elements. An attacker who can inject template structures with custom namespaces can bypass Angular's sanitization logic, potentially leading to cross-site scripting (XSS).
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2026-06-22 16:02:33 UTC
|