- It should not be possible for an attacker to inject AngularJS expressions by using curly braces. The application needs to either treat curly braces in user input as highly dangerous or avoid server-side reflection of user input entirely.
- Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11)
- WordPress Plugin WP-Members Membership Cross-Site Scripting (184.108.40.206)
- WordPress Plugin SEO Rank Reporter Cross-Site Scripting (2.2.2)
- WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
- WordPress Plugin PIKLIST-Rapid development framework Cross-Site Scripting (0.9.4.25)