A set of high-severity vulnerabilities has been identified in the Angular Language Service Visual Studio Code extension (Angular.ng-template), potentially exposing developers to remote code execution (RCE) attacks through multiple exploitation paths. The vulnerabilities arise from insecure handling of user-controlled input and unsafe configuration loading within the extension. Researchers found that attackers can exploit trusted development […]
The post Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks appeared first on Cyber Security News.