CVE-2026-27970 | Angular up to 18.2.14/19.2.18/20.3.16/21.1.5/21.1.x cross site scripting (GHSA-prjf-86w9-mfqv)

A vulnerability marked as problematic has been reported in Angular up to 18.2.14/19.2.18/20.3.16/21.1.5/21.1.x. Affected by this issue is some unknown functionality. This manipulation causes cross site scripting.

This vulnerability appears as CVE-2026-27970. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More