CVE-2016-10524
HIGHi18n-node-angular < 1.4.0 - Denial of Service via Unrestricted REST API Endpoint
Title source: llmDescription
i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not disabled in production environments a malicious user could fill up the server causing a Denial of Service or content injection.
References (2)
Core 2
Core References
Broken Link, Third Party Advisory x_refsource_misc
https://nodesecurity.io/advisories/80
Patch, Third Party Advisory x_refsource_misc
https://github.com/oliversalzburg/i18n-node-angular/commit/877720d2d9bb90dc8233706e81ffa03f99fc9dc8
Scores
CVSS v3
8.2
EPSS
0.0080
EPSS Percentile
52.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
Details
CWE
CWE-400
Status
published
Products (2)
i18n-node-angular_project/i18n-node-angular
< 1.4.0
npm/i18n-node-angular
0 - 1.4.0npm
Published
May 31, 2018
Tracked Since
Feb 18, 2026