XSS without HTML: Client-Side Template Injection with AngularJS

Abstract
Naive use of the extremely popular JavaScript framework AngularJS is exposing numerous websites to Angular Template Injection. This relatively low profile sibling of server-side template injection can be combined with an Angular sandbox escap… Continue reading XSS without HTML: Client-Side Template Injection with AngularJS

XSS without HTML: Client-Side Template Injection with AngularJS

Abstract
Naive use of the extremely popular JavaScript framework AngularJS is exposing numerous websites to Angular Template Injection. This relatively low profile sibling of server-side template injection can be combined with an Angular sandbox escap… Continue reading XSS without HTML: Client-Side Template Injection with AngularJS