CVE-2024-8373

Name of the Vulnerable Software and Affected Versions: AngularJS versions all

Description: The issue is related to improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS, allowing attackers to bypass common image source restrictions. This can also lead to a form of Content Spoofing. The AngularJS project is End-of-Life and will not receive any updates to address this issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.