XLTS for AngularJS v1.5.16 Released
Jun 8, 2022
Jun 21, 2022
exploitatively-ceasing
Bug Fixes
- textarea: avoid interpolating when going back/forward on IE
- This fixes a Medium Severity XSS vulnerability (CVE-2022-25869).
- This fix was cherry-picked from the v1.9.x branch
- input: prevent browsers from autofilling hidden inputs
- Autofilling with previous values (which will then be
$interpolate
d) could lead to XSS or errors - This fix was cherry-picked from the v1.8.x branch
- Autofilling with previous values (which will then be
New Features
- Angular: implement angular.version.vendor
- This now holds the value "XLTS.dev" for ease of determining if a supported version of AngularJS is running in a given app
Jun 8, 2022
Jun 21, 2022