CVE-2024-33665

Name of the Vulnerable Software and Affected Versions angular-translate versions through 2.19.1

Description The issue allows for XSS attacks via a crafted key used by the translate directive. The vendor notes that there is no documentation indicating a key is supposed to be safe against XSS attacks.

Recommendations For versions through 2.19.1, consider disabling the translate directive until a patch is available to prevent potential XSS attacks. Restrict access to crafted keys to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.