Angular SSR
cpe:2.3:a:angular:angular:*:*:*:*:node.js:*:*
- >= 21.2.0-next.0, < 21.2.0-rc.1
- >= 21.0.0-next.0, < 21.1.5
- >= 20.0.0-next.0, < 20.3.17
- >= 19.0.0-next.0, < 19.2.21
- <= 18.2.21
A Server-Side Request Forgery (SSRF) vulnerability has been identified in Angular's Server-Side Rendering (SSR) tool, specifically in versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21. The vulnerability arises because Angular's URL reconstruction process blindly trusts user-controlled HTTP headers, such as the Host and X-Forwarded-* headers, to establish the application's base origin. This lack of validation can be exploited to manipulate URL resolutions and request destinations, potentially leading to unauthorized access to internal resources and sensitive information.
Exploitation of this vulnerability allows for arbitrary internal request steering, which can result in credential exfiltration, internal network probing, and breaches of confidentiality by accessing sensitive information processed on the server side.
Users can upgrade to Angular versions 21.2.0-rc.1, 21.1.5, 20.3.17, or 19.2.21. For those unable to upgrade immediately, it is recommended to implement a middleware in the server.ts file to enforce numeric port validation and host name checks. Additionally, avoid using unvalidated request headers for URL construction.
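The following is an added example of the interim mitigation described above; it is not Angular's own code or the project's patch. It validates the Host, X-Forwarded-Host, X-Forwarded-Proto and X-Forwarded-Port headers against an allow-list before anything downstream reconstructs the request origin, and exposes the check as an Express-style middleware that can be registered in server.ts ahead of the Angular SSR handler. The allowed host names are constructed sample values, and the request/response interfaces are minimal assumptions so the file runs without a framework dependency.

```typescript
// Added example (not Angular's own code): header validation for an SSR origin
// guard. Allowed hosts below are a constructed sample for this deployment.

type HeaderMap = Record<string, string | string[] | undefined>;

export interface OriginCheck {
  ok: boolean;
  origin?: string; // e.g. "https://app.example.com:8443" when ok
  reason?: string; // why the request was rejected when !ok
}

// Constructed allow-list: the only public host names this deployment serves.
export const ALLOWED_HOSTS: ReadonlySet<string> = new Set(["app.example.com", "localhost"]);

// DNS-style host name only; IPv6 literals are deliberately not accepted here.
const HOSTNAME_RE = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$/i;
const PORT_RE = /^\d{1,5}$/;

// undefined = header absent; null = present but unusable. A comma-separated
// value means the header passed through more than one hop, which behind a
// single trusted proxy should never happen, so it is rejected rather than
// silently falling back to another header.
function singleHeader(headers: HeaderMap, name: string): string | null | undefined {
  const raw = headers[name.toLowerCase()];
  if (raw === undefined) return undefined;
  const value = (Array.isArray(raw) ? raw.join(",") : raw).trim();
  return value === "" || value.includes(",") ? null : value;
}

export function validateOrigin(
  headers: HeaderMap,
  allowedHosts: ReadonlySet<string> = ALLOWED_HOSTS,
): OriginCheck {
  const xfProto = singleHeader(headers, "x-forwarded-proto");
  const proto = xfProto === undefined ? "https" : xfProto;
  if (proto !== "http" && proto !== "https") return { ok: false, reason: "unsupported scheme" };

  // X-Forwarded-Host takes precedence when present, exactly as a proxy-aware
  // server would use it, so it must be validated as strictly as Host itself.
  const xfHost = singleHeader(headers, "x-forwarded-host");
  const hostHeader = xfHost === undefined ? singleHeader(headers, "host") : xfHost;
  if (!hostHeader) return { ok: false, reason: "missing or multi-valued host" };

  const sep = hostHeader.lastIndexOf(":");
  const hostname = (sep === -1 ? hostHeader : hostHeader.slice(0, sep)).toLowerCase();
  const hostPort = sep === -1 ? undefined : hostHeader.slice(sep + 1);
  if (!HOSTNAME_RE.test(hostname)) return { ok: false, reason: "malformed host name" };
  if (!allowedHosts.has(hostname)) return { ok: false, reason: `host not allowed: ${hostname}` };

  // Numeric port check: X-Forwarded-Port overrides the port in the host value.
  const xfPort = singleHeader(headers, "x-forwarded-port");
  const port = xfPort === undefined ? hostPort : xfPort;
  if (port !== undefined) {
    if (port === null || !PORT_RE.test(port) || Number(port) < 1 || Number(port) > 65535) {
      return { ok: false, reason: "port is not a number in 1..65535" };
    }
  }
  const origin = port === undefined ? `${proto}://${hostname}` : `${proto}://${hostname}:${port}`;
  return { ok: true, origin };
}

// Minimal Express-compatible shapes (assumption: only what the guard touches).
interface GuardRequest { headers: HeaderMap }
interface GuardResponse { status(code: number): GuardResponse; send(body: string): unknown }

// Register before the SSR handler, e.g. app.use(originGuard()) in server.ts.
export function originGuard(allowedHosts: ReadonlySet<string> = ALLOWED_HOSTS) {
  return (req: GuardRequest, res: GuardResponse, next: () => void): void => {
    const check = validateOrigin(req.headers, allowedHosts);
    if (!check.ok) {
      res.status(400).send("Bad Request");
      return;
    }
    next();
  };
}

// Drive the guard without a real server, returning whether next() was reached.
export function runGuard(
  headers: HeaderMap,
  allowedHosts: ReadonlySet<string> = ALLOWED_HOSTS,
): { passed: boolean; status?: number } {
  let status: number | undefined;
  let passed = false;
  const res: GuardResponse = {
    status(code) { status = code; return res; },
    send() { return undefined; },
  };
  originGuard(allowedHosts)({ headers }, res, () => { passed = true; });
  return { passed, status };
}
```

The guard rejects rather than sanitises: a host outside the allow-list, a non-numeric or out-of-range port, an unknown scheme, or a multi-valued forwarded header all produce a 400 before any URL is built from the request, which is the property the advisory's workaround is after. The `origin` string it returns is the only value that should be used for URL construction downstream.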