Carlo-Feudo

**Name of the Vulnerable Software and Affected Versions** angular-translate versions through 2.19.1 **Description** The issue allows for XSS attacks via a crafted key used by the translate directive. The vendor notes that there is no documentation indicating a key is supposed to be safe against XSS attacks. **Recommendations** For versions through 2.19.1, consider disabling the translate directive until a patch is available to prevent potential XSS attacks. Restrict access to crafted keys to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.