Share
## https://sploitus.com/exploit?id=45CCA030-03C5-5378-A2B8-2ED0C4D121A8
# Angular SVG Vulnerability Scanner (CVE-2026-22610)

## Purpose:
Scan Angular projects for potential XSS vulnerabilities in SVG  elements, unsafe Angular bindings ([attr.href], [attr.xlink:href], {{ }}), and bypassSecurityTrustResourceUrl usage.

## Usage

Run the script from the project root:

### Scan current folder

    node scan-angular-svg-vuln-final.js

### Scan a specific folder

    node scan-angular-svg-vuln-final.js /project1/src

### Output:

Lists vulnerable files with line numbers and type

Saves vulnerability-report.json in the root folder

### Recommendations

Review flagged files if any

Upgrade Angular to the latest patched version

Integrate the script in CI/CD for continuous security checks

### References:
https://www.herodevs.com/vulnerability-directory/cve-2026-22610?nes-for-angular
https://github.com/angular/angular/security/advisories/GHSA-jrmj-c5cx-3cw6