Google · Angular · CVE-2021-4231
**Name of the Vulnerable Software and Affected Versions**
Angular versions 11.0.4 through 11.1.0-next.2
**Description**
A vulnerability was found in the handling of comments, which can lead to cross site scripting. The manipulation can be launched remotely, but it might require authentication first.
**Recommendations**
For versions up to 11.0.4, upgrade to version 11.0.5.
For versions up to 11.1.0-next.2, upgrade to version 11.1.0-next.3.
Alternatively, for older versions, upgrade to version 10.2.5.