Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
📦 npm

GHSA-jrmj-c5cx-3cw6

Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

Also known asCVE-2026-22610
Published
Jan 9, 2026
Updated
Jun 9, 2026
Affected
10 pkgs
Patched
8 / 10
Exploits
None indexed

EPSS Exploitation Probability

via FIRST.org ↗
0.4%probability of exploitation in next 30 days
Lower Risk35th percentile+0.42%
0.00%0.31%0.63%0.94%0.0%0.4%Feb 26May 26Jun 26

EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.

Blast Radius

10 pkgs affected
📦@angular/compiler📦@angular/core📦@angular/compiler📦@angular/core📦@angular/compiler📦@angular/core📦@angular/compiler📦@angular/core+2 more

Real-time download stats are indexed for npm and PyPI packages. This vulnerability affects npm packages — download data is not available via public APIs for these ecosystems.

Description

A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG <script> elements as a Resource URL context.

In a standard security model, attributes that can load and execute code (like a script's source) should be strictly validated. However, because the compiler does not classify these specific SVG attributes correctly, it allows attackers to bypass Angular's built-in security protections.

When template binding is used to assign user-controlled data to these attributes for example, <script [attr.href]="userInput"> the compiler treats the value as a standard string or a non-sensitive URL rather than a resource link. This enables an attacker to provide a malicious payload, such as a data:text/javascript URI or a link to an external malicious script.

Impact

When successfully exploited, this vulnerability allows for arbitrary JavaScript execution within the context of the victim's browser session. This can lead to:

  • Session Hijacking: Stealing session cookies, localStorage data, or authentication tokens.
  • Data Exfiltration: Accessing and transmitting sensitive information displayed within the application.
  • Unauthorized Actions: Performing state-changing actions (like clicking buttons or submitting forms) on behalf of the authenticated user.

Attack Preconditions

  1. The victim application must explicitly use SVG <script> elements within its templates.
  2. The application must use property or attribute binding (interpolation) for the href or xlink:href attributes of those SVG scripts.
  3. The data bound to these attributes must be derived from an untrusted source (e.g., URL parameters, user-submitted database entries, or unsanitized API responses).

Patches

  • 19.2.18
  • 20.3.16
  • 21.0.7
  • 21.1.0-rc.0

Workarounds

Until the patch is applied, developers should:

  • Avoid Dynamic Bindings: Do not use Angular template binding (e.g., [attr.href]) for SVG <script> elements.
  • Input Validation: If dynamic values must be used, strictly validate the input against a strict allowlist of trusted URLs on the server side or before it reaches the template.

Resources

Affected Packages

10 total 8 fixed
EcosystemPackageVulnerable rangeFix
📦npm@angular/compiler21.1.0-next.0&&< 21.1.0-rc.021.1.0-rc.0
📦npm@angular/core21.1.0-next.0&&< 21.1.0-rc.021.1.0-rc.0
📦npm@angular/compiler21.0.0-next.0&&< 21.0.721.0.7
📦npm@angular/core21.0.0-next.0&&< 21.0.721.0.7
📦npm@angular/compiler20.0.0-next.0&&< 20.3.1620.3.16
📦npm@angular/core20.0.0-next.0&&< 20.3.1620.3.16

Detection & mitigation playbook

Open-source dependency

  1. Detect

    Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for @angular/compiler. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.

  2. Fix

    Update @angular/compiler to 21.1.0-rc.0 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-jrmj-c5cx-3cw6 is resolved across your whole dependency graph.

  3. Workarounds

    If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.

  4. How O3 protects you

    O3 pinpoints whether GHSA-jrmj-c5cx-3cw6 is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Tailored to GHSA-jrmj-c5cx-3cw6. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.

Frequently Asked Questions

A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal sanitization schema fails to recognize the `href` and `xlink:href` attributes of SVG `<script>` elements as a **Resource URL** context. In a standard security model, attributes that can load and execute code (like a script's source) should be strictly validated. However, because the compiler does not classify these specific SVG attributes correctly, it allows attackers to bypass Angular's built-in security protections. When template binding is u
O3 Security · Impact-Aware SCA

Is GHSA-jrmj-c5cx-3cw6 in your dependencies?

O3 detects GHSA-jrmj-c5cx-3cw6 across npm dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.

Scan my dependencies How O3 SCA works