@angular/core and @angular/compiler Security Advisory: Namespace Sanitization Bypass
Security advisory: @angular/compiler and @angular/core packages have a vulnerability allowing bypass of element and attribute sanitization via namespace workarounds.
What changed
Namespaced script elements (e.g., <svg:script>) are not properly identified, and security context schema mappings for attributes in namespaced elements are inconsistent, leading to potential XSS.
Who it affects
Any Angular application that compiles user-controlled templates at runtime or relies on sanitization of namespaced elements/attributes.
What to do today
Update @angular/core and @angular/compiler to patched versions: 22.0.0-rc.2, 21.2.15, 20.3.22, or 19.2.23.
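To check a project against the versions above, the following added example (not code from the Angular project or the advisory) classifies every copy of @angular/core and @angular/compiler found in a parsed package-lock.json, including the prerelease comparison needed for 22.0.0-rc.2. The function names, status labels and sample lockfile are assumptions made for the example; major lines the advisory does not list are reported as unknown rather than guessed.

```javascript
// Patched releases per major line, copied from the advisory text above.
const PATCHED = { 22: '22.0.0-rc.2', 21: '21.2.15', 20: '20.3.22', 19: '19.2.23' };
const PACKAGES = ['@angular/core', '@angular/compiler'];

// Parse "MAJOR.MINOR.PATCH[-prerelease]" into comparable parts; null if malformed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$/.exec(String(v).trim());
  return m && { nums: [+m[1], +m[2], +m[3]], pre: m[4] ? m[4].split('.') : [] };
}

// Semver precedence: numeric core first; a release outranks its own prereleases;
// prerelease identifiers compare field by field (numeric below alphanumeric).
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++)
    if (a.nums[i] !== b.nums[i]) return a.nums[i] < b.nums[i] ? -1 : 1;
  if (!a.pre.length || !b.pre.length) return Math.sign(b.pre.length - a.pre.length);
  for (let i = 0; i < Math.max(a.pre.length, b.pre.length); i++) {
    const x = a.pre[i], y = b.pre[i];
    if (x === undefined || y === undefined) return x === undefined ? -1 : 1;
    if (x === y) continue;
    const xn = /^\d+$/.test(x), yn = /^\d+$/.test(y);
    if (xn !== yn) return xn ? -1 : 1;
    return (xn ? +x < +y : x < y) ? -1 : 1;
  }
  return 0;
}

// 'unknown' = malformed version, or a major line the advisory lists no fix for.
function classify(version) {
  const v = parseVersion(version);
  const fixed = v && PATCHED[v.nums[0]];
  if (!fixed) return 'unknown';
  return compareVersions(v, parseVersion(fixed)) >= 0 ? 'patched' : 'needs-update';
}

// Walk "packages" of a parsed package-lock.json (lockfileVersion 2 or 3), nested copies included.
function auditLockfile(lock) {
  return Object.entries(lock.packages || {})
    .filter(([path]) => PACKAGES.some((p) => path.endsWith('node_modules/' + p)))
    .map(([path, entry]) => ({ path, version: entry.version, status: classify(entry.version) }));
}

// Constructed sample lockfile, not taken from a real project.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  'node_modules/@angular/core': { version: '21.2.14' },
  'node_modules/@angular/compiler': { version: '21.2.15' },
  'node_modules/legacy-widget/node_modules/@angular/core': { version: '22.0.0-rc.1' },
} };
console.log(auditLockfile(SAMPLE_LOCK));
```

Nested copies matter here because a transitive dependency can pin an older @angular/core even after the top-level package has been updated.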