The vulnerability stems from two related gaps in Angular’s template processing and security schema.
First, Angular’s template preparser does not correctly treat namespaced script elements, such as `<:svg:script>`, as actual script tags. Because these namespaced variants are not recognized as dangerous, they survive the compiler’s normal script‑stripping pass and are emitted into the DOM.
Second, the `DomElementSchemaRegistry` used by the compiler and runtime sanitizers mishandles elements that carry custom XML/XHTML namespaces. When an element like `:xhtml:a` is encountered, the registry looks up its security context using the full namespaced tag name rather than the standard HTML element name (e.g., `a`). As a result, the mapping fails and the attribute sanitizer returns `SecurityContext.NONE` instead of the required `SecurityContext.URL`. This means that even if a namespaced element would otherwise be sanitized, its `href` or `xlink:href` attributes are not properly validated, allowing a malicious `javascript:` URL to slip through.
The same problem affects runtime i18n attribute sanitization: the `i18nResolveSanitizer` function also fails to normalize namespaced tag names before performing its lookup, further widening the gap.
An attacker who can supply a user‑controlled template, or who can inject a namespaced element structure, can exploit this double weakness. By using a namespaced script element (e.g., `<svg:script>`) or a namespaced anchor with a dynamic `href` binding, the attacker bypasses both the compile‑time script‑stripping and the runtime URL sanitization. The result is client‑side cross‑site scripting (XSS), enabling arbitrary JavaScript execution in the victim’s browser.
The issue affects all Angular applications that compile user‑controlled templates at runtime and that rely on the default sanitization of namespaced elements. The flaw is fixed by normalizing custom namespaced tag names to their simple HTML counterparts inside the schema registry and the i18n sanitizer, ensuring that correct security contexts are always applied.
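The lookup failure and the normalization fix described above, modelled in a few functions. This is an added example, not Angular's source code: the schema table, `Ctx` and every function name are constructed for illustration, and `bindAttr` is a stand-in for real URL validation.

```typescript
// Simplified model of a "tag|attribute" -> security-context lookup.
// NOT Angular's source: the table, names and functions are constructed for illustration.
const Ctx = { NONE: "NONE", URL: "URL" } as const;
type Context = (typeof Ctx)[keyof typeof Ctx];

// Constructed sample schema, keyed by plain lowercase HTML tag name.
const SCHEMA: Record<string, Context> = {
  "a|href": Ctx.URL,
  "area|href": Ctx.URL,
};

// Vulnerable shape: the namespaced tag name is used as the lookup key as-is.
function contextRaw(tag: string, attr: string): Context {
  return SCHEMA[`${tag.toLowerCase()}|${attr.toLowerCase()}`] ?? Ctx.NONE;
}

// Reduce ":xhtml:a" or "xhtml:a" to "a"; plain names pass through unchanged.
function normalizeTag(tag: string): string {
  const t = tag.toLowerCase();
  return t.slice(t.lastIndexOf(":") + 1);
}

// Fixed shape: normalize the tag name first, then look up.
function contextNormalized(tag: string, attr: string): Context {
  return SCHEMA[`${normalizeTag(tag)}|${attr.toLowerCase()}`] ?? Ctx.NONE;
}

// The same mismatch applied to the script-stripping check.
function isScriptRaw(tag: string): boolean {
  return tag.toLowerCase() === "script";
}
function isScriptNormalized(tag: string): boolean {
  return normalizeTag(tag) === "script";
}

// Constructed stand-in for URL validation: only the URL context inspects the
// scheme, so a value resolved to NONE is written to the DOM unchanged.
function bindAttr(ctx: Context, value: string): string {
  if (ctx === Ctx.URL && /^\s*javascript:/i.test(value)) return "unsafe:" + value;
  return value;
}

// Constructed sample tags: raw vs. normalized results side by side.
for (const tag of ["a", ":xhtml:a", ":svg:script"]) {
  console.log(tag, contextRaw(tag, "href"), contextNormalized(tag, "href"),
    isScriptRaw(tag), isScriptNormalized(tag));
}
```
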
DailyCVE Form:
Platform: Angular
Version: versions before 22.0.0‑rc.2, 21.2.15, 20.3.22, 19.2.23
Vulnerability: XSS via namespace bypass
Severity: Moderate
Date: 2026‑06‑15
Prediction: 2026‑05‑29
What Undercode Say
```shell
# Check current Angular version in a project
ng version | grep -E "@angular/(core|compiler)"

# Use npm audit to detect vulnerable packages
npm audit | grep -E "angular/core|angular/compiler"

# Upgrade to a fixed version (example: upgrading to 22.0.0-rc.2)
ng update @angular/[email protected] @angular/[email protected]

# Alternatively, patch with npm overrides (temporary workaround)
npm install @angular/[email protected] @angular/[email protected]
```
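```typescript
// Vulnerable template example (simplified)
import { Component } from '@angular/core';

@Component({
  template: `
    <div [bash]="userProvidedTemplate"></div>
  `
})
export class VulnerableComponent {
  // Attacker-controlled markup containing a namespaced script element
  userProvidedTemplate = '<svg:script>alert("XSS")</svg:script>';
}
```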
Exploit:
An attacker injects a template fragment containing a namespaced script element that the Angular preparser fails to strip:

```html
<svg:script>alert(document.cookie)</svg:script>
```

Or uses a namespaced anchor with a dynamic `href` binding to a `javascript:` URL:

```html
<:xhtml:a [attr.href]="'javascript:alert(\'XSS\')'">Click me</:xhtml:a>
```

Because the sanitization schema does not recognize the namespaced `a` tag, the `href` is not placed in `SecurityContext.URL`, and the dangerous payload reaches the browser.
Protection:
- Upgrade Angular to at least 22.0.0‑rc.2, 21.2.15, 20.3.22, or 19.2.23.
- Avoid compiling user‑supplied templates at runtime. If unavoidable, pre‑sanitize the input with a trusted library (e.g., DOMPurify) before passing it to Angular.
- Use a strict Content Security Policy (CSP) that disallows inline script execution.
- Enable Angular’s built‑in strict template checking (`strictTemplates: true` in `tsconfig.json`).
Impact:
Successful exploitation allows arbitrary JavaScript execution in the context of the user’s session. This can lead to:
- Session hijacking (stealing cookies, tokens, localStorage).
- Exfiltration of sensitive data (API responses, user inputs).
- Performing unauthorized actions on behalf of the victim (e.g., changing settings, submitting forms).
- Defacement or further client‑side attacks (e.g., keylogging, phishing overlays).
Sources:
Reported By: github.com

