Description
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
Remediation
References
Related Vulnerabilities
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3838)
WordPress Plugin LiteSpeed Cache Cross-Site Scripting (3.6)
Internet Information Services Other Vulnerability (CVE-2001-0508)
PHP Incorrect Conversion between Numeric Types Vulnerability (CVE-2018-5711)
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)