textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.

Affected Packages

npm textangular

Affected versions: 0 (last affected: 1.5.16)

Related CVEs

CVE-2021-32854

Key Information

GHSA ID

GHSA-7h4w-6p98-r3wx

Published

February 21, 2023 3:30 PM

Last Modified

February 22, 2023 12:11 AM

CVSS Score

5.0 /10

Primary Ecosystem

npm

Primary Package

textangular

GitHub Reviewed

✓ Yes

Dataset

Last updated: September 13, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.