PT-2018-4704 · Node Angular · I18N-Node-Angular
Published: 2018-05-31 · Updated: 2022-04-06 · CVE-2016-10524
CVSS v3.1: 8.2 (High)
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
i18n-node-angular versions prior to 1.4.0
Description
i18n-node-angular exposes a REST API endpoint that was created for development purposes and was not disabled in production environments. A malicious user can use this endpoint to fill up the server, potentially causing a denial of service or content injection. The issue exists in versions prior to 1.4.0 and can lead to denial of service and cross-site scripting attacks.
Recommendations
Update to version 1.4.0 or later. As a temporary workaround until the fixed version is deployed, consider disabling the REST API endpoint used for development purposes, and restrict access to this endpoint to minimize the risk of exploitation.
Fix
Special Elements Injection
Resource Exhaustion
Related identifiers
Affected products
I18N-Node-Angular