CVE-2025-66412 | Angular up to 19.2.16/20.3.14/21.0.1 cross site scripting (GHSA-v4hv-rgfq-gp49)

A vulnerability was found in Angular up to 19.2.16/20.3.14/21.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-66412. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More