Versions of `i18n-node-angular` prior to 1.4.0 are affected by denial of service and cross-site scripting vulnerabilities. The vulnerabilities exist in a REST endpoint that was created for development purposes, but was not disabled in production in affected versions.

## Recommendation

Update to version 1.4.0 or later.

Affected Packages

npm i18n-node-angular

Affected versions: 0 (fixed in 1.4.0)

Related CVEs

CVE-2016-10524

Key Information

GHSA ID

GHSA-97gv-3p2c-xw7j

Published

February 18, 2019 11:39 PM

Last Modified

February 11, 2022 5:08 PM

CVSS Score

7.5 /10

Primary Ecosystem

npm

Primary Package

i18n-node-angular

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 3, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.