GHSA-v4hv-rgfq-gp49: Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

• Source: GitHub Global Advisories

A stored XSS vulnerability in Angular Template Compiler allows attackers to bypass security sanitization via SVG and MathML attributes, potentially enabling malicious script injection.

A **Stored Cross-Site Scripting ([XSS](https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss))** vulnerability has been identified in the **Angular Template Compiler**. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain [`javascript:` URLs](https://developer.mozilla.org/en-US/Web/URI/Reference/Schemes/javascript)) as requiring strict URL security, enabling the injection o…