Issue 32639 ai dotai portlet

Open jdotcms opened this issue 2 months ago • 1 comments

Adding the rag embedding implementation

This PR fixes: #32639

Nov 05 '25 22:11 jdotcms

Semgrep found 322 ssc-1401e86e-5347-4e09-9335-667e8dfa5deb findings:

core-web/libs/ui/src/lib/modules/dot-dialog/dot-dialog.component.ts
- L23-28 - Triage
core-web/libs/ui/src/lib/dot-spinner/dot-spinner.component.ts
- L4-9 - Triage
core-web/libs/ui/src/lib/dot-icon/dot-icon.component.ts
- L10-14 - Triage
core-web/libs/ui/src/lib/dot-container-options/dot-container-options.directive.spec.ts
- L18-24 - Triage
core-web/libs/ui/src/lib/components/dot-workflow-actions/dot-workflow-actions.component.ts
- L31-37 - Triage
core-web/libs/ui/src/lib/components/dot-sidebar-accordion/components/dot-sidebar-accordion-tab/dot-sidebar-accordion-tab.component.ts
- L28-47 - Triage
core-web/libs/ui/src/lib/components/dot-pages-favorite-page-empty-skeleton/dot-pages-favorite-page-empty-skeleton.component.ts
- L3-7 - Triage
core-web/libs/ui/src/lib/components/dot-language-variable-selector/dot-language-variable-selector.component.ts
- L56-62 - Triage
core-web/libs/ui/src/lib/components/dot-asset-search/dot-asset-search.component.ts
- L30-37 - Triage
core-web/libs/ui/src/lib/components/dot-asset-search/components/dot-asset-card-list/dot-asset-card-list.component.ts
- L24-35 - Triage
core-web/libs/ui/src/lib/components/add-to-bundle/dot-add-to-bundle.component.ts
- L36-49 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/template-builder.component.ts
- L81-102 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/components/template-builder-actions/template-builder-actions.component.ts
- L25-31 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/components/dot-layout-properties/dot-layout-property-sidebar/dot-layout-property-sidebar.component.ts
- L9-21 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/components/dot-layout-properties/dot-layout-properties.component.ts
- L12-26 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/components/dot-layout-properties/dot-layout-properties-item/dot-layout-properties-item.component.ts
- L4-16 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/components/add-widget/add-widget.component.ts
- L14-19 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/item/dotcms-block-editor-item.spec.ts
- L29-32 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/video.component.ts
- L5-22 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/unknown.component.ts
- L6-25 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/text.component.ts
- L5-13 - Triage
- L16-58 - Triage
- L68-115 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/list.component.ts
- L3-11 - Triage
- L14-22 - Triage
- L25-33 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/image.component.ts
- L5-11 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/dot-contentlet.component.ts
- L10-30 - Triage
- L47-62 - Triage
core-web/libs/sdk/angular/src/lib/components/dotcms-block-editor-renderer/blocks/code.component.ts
- L3-13 - Triage
- L16-24 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-seo-image-preview/dot-seo-image-preview.component.ts
- L5-11 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-select-seo-tool/dot-select-seo-tool.component.ts
- L7-13 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-results-seo-tool/dot-results-seo-tool.component.ts
- L30-47 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-page-tools-seo/dot-page-tools-seo.component.ts
- L15-22 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/dot-content-compare.component.ts
- L12-18 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/components/fields/dot-content-compare-preview-field/dot-content-compare-preview-field.component.ts
- L5-10 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/components/dot-content-compare-table/dot-content-compare-table.component.ts
- L18-35 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/components/dot-content-compare-dialog/dot-content-compare-dialog.component.ts
- L16-21 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/components/dot-content-compare-block-editor/dot-content-compare-block-editor.component.ts
- L14-18 - Triage
core-web/libs/portlets/edit-ema/ui/src/lib/dot-content-compare/components/dot-content-compare-block-editor/block-editor-mock/block-editor-mock.component.ts
- L13-18 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-layout/edit-ema-layout.component.ts
- L35-41 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/edit-ema-editor.component.ts
- L105-134 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-toolbar/dot-uve-toolbar.component.ts
- L46-75 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-toolbar/components/dot-toggle-lock-button/dot-toggle-lock-button.component.ts
- L10-15 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/dot-uve-palette.component.ts
- L11-17 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/dot-uve-palette.component.spec.ts
- L30-36 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-list/dot-uve-palette-list.component.ts
- L72-95 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-contenttype/dot-uve-palette-contenttype.component.ts
- L12-24 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-contenttype/dot-uve-palette-contenttype.component.spec.ts
- L9-15 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-contentlet/dot-uve-palette-contentlet.component.ts
- L11-23 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-contentlet/dot-uve-palette-contentlet.component.spec.ts
- L9-15 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-favorite-selector/dot-favorite-selector.component.ts
- L37-42 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-lock-overlay/dot-uve-lock-overlay.component.ts
- L7-12 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/dot-ema-shell/dot-ema-shell.component.ts
- L50-89 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/components/dot-ema-dialog/dot-ema-dialog.component.ts
- L47-59 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/components/dot-block-editor-sidebar/dot-block-editor-sidebar.component.ts
- L36-48 - Triage
core-web/libs/portlets/dot-usage/src/lib/dot-usage-shell/dot-usage-shell.component.ts
- L12-25 - Triage
core-web/libs/portlets/dot-locales/portlet/src/lib/share/ui/DotLocaleConfirmationDialog/DotLocaleConfirmationDialog.component.ts
- L19-25 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-inline-edit-text/dot-experiments-inline-edit-text.component.ts
- L45-60 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-header/dot-experiments-ui-header.component.ts
- L24-38 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-goals-coming-soon/dot-experiments-goals-coming-soon.component.ts
- L7-13 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-goal-configuration-url-parameter-component/dot-experiments-goal-configuration-url-parameter-component.component.ts
- L28-43 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-goal-configuration-reach-page/dot-experiments-goal-configuration-reach-page.component.ts
- L25-41 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiments-details-table/dot-experiments-details-table.component.ts
- L25-38 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/shared/ui/dot-experiment-options/components/dot-experiments-option-content-base-component/dot-experiments-option-content-base.component.ts
- L6-9 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-reports/dot-experiments-reports.component.ts
- L28-48 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-reports/components/dot-experiments-reports-chart/dot-experiments-reports-chart.component.ts
- L15-21 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-reports/components/dot-experiments-report-daily-details/dot-experiments-report-daily-details.component.ts
- L16-30 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-list/dot-experiments-list.component.ts
- L38-58 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-list/components/dot-experiments-list-table/dot-experiments-list-table.component.ts
- L27-45 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/dot-experiments-configuration.component.ts
- L36-61 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/dot-experiments-configuration.component.spec.ts
- L87-93 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-variants/dot-experiments-configuration-variants.component.ts
- L45-67 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-traffic/dot-experiments-configuration-traffic.component.ts
- L27-42 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-targeting/dot-experiments-configuration-targeting.component.ts
- L17-23 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-scheduling/dot-experiments-configuration-scheduling.component.ts
- L23-38 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-items-count/dot-experiments-configuration-items-count.component.ts
- L3-9 - Triage
core-web/libs/portlets/dot-experiments/portlet/src/lib/dot-experiments-configuration/components/dot-experiments-configuration-goals/dot-experiments-configuration-goals.component.ts
- L33-51 - Triage
core-web/libs/portlets/dot-content-drive/ui/src/lib/dot-folder-list-view/dot-folder-list-view.component.ts
- L33-49 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-folder-list-context-menu/dot-folder-list-context-menu.component.ts
- L38-45 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-content-drive-toolbar/dot-content-drive-toolbar.component.ts
- L49-75 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-content-drive-toolbar/components/dot-content-drive-workflow-actions/dot-content-drive-workflow-actions.component.ts
- L24-35 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-content-drive-toolbar/components/dot-content-drive-base-type-selector/dot-content-drive-base-type-selector.component.ts
- L22-27 - Triage
core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-search/dot-analytics-search.component.ts
- L18-34 - Triage
core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/dot-analytics-dashboard.component.ts
- L31-45 - Triage
core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-state-message/dot-analytics-state-message.component.ts
- L5-19 - Triage
core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-dashboard-filters/dot-analytics-dashboard-filters.component.ts
- L36-42 - Triage
core-web/libs/edit-content/src/lib/fields/dot-edit-content-relationship-field/components/dot-select-existing-content/components/search/search.component.spec.ts
- L33-43 - Triage
- L55-65 - Triage
core-web/libs/edit-content/src/lib/fields/dot-edit-content-file-field/components/dot-file-field/dot-file-field.component.ts
- L54-79 - Triage
core-web/libs/edit-content/src/lib/fields/dot-edit-content-custom-field/dot-edit-content-custom-field.component.ts
- L39-64 - Triage
core-web/libs/edit-content/src/lib/fields/dot-edit-content-binary-field/dot-edit-content-binary-field.component.ts
- L77-109 - Triage
core-web/libs/edit-content/src/lib/fields/dot-edit-content-binary-field/components/dot-binary-field-preview/dot-binary-field-preview.component.ts
- L52-69 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-history/dot-edit-content-sidebar-history.component.ts
- L30-49 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-history/components/dot-pushpublish-timeline-item/dot-pushpublish-timeline-item.component.ts
- L24-38 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-layout/dot-edit-content.layout.component.ts
- L80-109 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-compare/dot-edit-content-compare.component.ts
- L10-16 - Triage
core-web/libs/dot-rules/src/lib/rule-engine.ts
- L28-154 - Triage
core-web/libs/dot-rules/src/lib/rule-condition-group-component.ts
- L17-73 - Triage
core-web/libs/dot-rules/src/lib/rule-condition-component.ts
- L15-71 - Triage
core-web/libs/dot-rules/src/lib/rule-component.ts
- L57-235 - Triage
core-web/libs/dot-rules/src/lib/rule-action-component.ts
- L14-48 - Triage
core-web/libs/dot-rules/src/lib/push-publish/add-to-bundle-dialog-component.ts
- L14-60 - Triage
core-web/libs/dot-rules/src/lib/modal-dialog/dialog-component.ts
- L5-43 - Triage
core-web/libs/dot-rules/src/lib/google-map/area-picker-dialog.component.ts
- L20-48 - Triage
core-web/libs/dot-rules/src/lib/custom-types/visitors-location/visitors-location.component.ts
- L34-81 - Triage
core-web/libs/dot-rules/src/lib/condition-types/serverside-condition/serverside-condition.ts
- L23-128 - Triage
core-web/libs/dot-rules/src/lib/components/dropdown/dropdown.ts
- L27-56 - Triage
core-web/libs/dot-rules/src/lib/app.component.ts
- L5-13 - Triage
core-web/libs/block-editor/src/lib/extensions/asset-uploader/components/upload-placeholder/upload-placeholder.component.ts
- L7-13 - Triage
core-web/libs/block-editor/src/lib/elements/dot-context-menu/dot-context-menu.component.ts
- L26-31 - Triage
core-web/libs/block-editor/src/lib/elements/dot-bubble-menu/dot-bubble-menu.component.ts
- L66-80 - Triage
core-web/libs/block-editor/src/lib/components/dot-block-editor/dot-block-editor.component.spec.ts
- L40-48 - Triage
core-web/apps/dotcms-ui/src/stories/primeng/overlay/ConfirmDialog.component.ts
- L7-24 - Triage
core-web/apps/dotcms-ui/src/stories/primeng/misc/Defer.component.ts
- L15-46 - Triage
core-web/apps/dotcms-ui/src/stories/primeng/messages/Toast.component.ts
- L7-22 - Triage
core-web/apps/dotcms-ui/src/app/view/components/main-legacy/main-legacy.component.ts
- L19-38 - Triage
core-web/apps/dotcms-ui/src/app/view/components/login/reset-password-component/reset-password.component.ts
- L30-46 - Triage
core-web/apps/dotcms-ui/src/app/view/components/login/main/dot-login-page.component.ts
- L10-15 - Triage
core-web/apps/dotcms-ui/src/app/view/components/login/forgot-password-component/forgot-password.component.ts
- L30-46 - Triage
core-web/apps/dotcms-ui/src/app/view/components/login/dot-login-component/dot-login.component.ts
- L38-57 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-workflow-task-detail/dot-workflow-task-detail.component.ts
- L17-22 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/dot-toolbar.spec.ts
- L48-51 - Triage
- L54-57 - Triage
- L60-63 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/dot-toolbar.component.ts
- L20-34 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/components/dot-toolbar-notifications/dot-toolbar-notifications.component.ts
- L23-34 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/components/dot-toolbar-notifications/components/dot-notification-item/dot-notification-item.component.ts
- L33-38 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-theme-selector-dropdown/dot-theme-selector-dropdown.component.ts
- L29-51 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-secondary-toolbar/dot-secondary-toolbar.component.ts
- L5-10 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-secondary-toolbar/dot-secondary-toolbar.component.spec.ts
- L9-20 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-relationship-tree/dot-relationship-tree.component.ts
- L6-11 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-portlet-base/dot-portlet-base.component.ts
- L6-11 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-portlet-base/dot-portlet-base.component.spec.ts
- L8-13 - Triage
- L16-21 - Triage
- L24-27 - Triage
- L30-38 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-portlet-base/components/dot-portlet-toolbar/dot-portlet-toolbar.component.ts
- L11-17 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-portlet-base/components/dot-portlet-box/dot-portlet-box.component.ts
- L3-8 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-persona-selector/dot-persona-selector.component.ts
- L32-48 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-persona-selector-option/dot-persona-selector-option.component.ts
- L11-23 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-persona-selected-item/dot-persona-selected-item.component.ts
- L10-15 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/dot-navigation.component.ts
- L12-17 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-sub-nav/dot-sub-nav.component.ts
- L15-39 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-nav-item/dot-nav-item.component.ts
- L23-37 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-nav-icon/dot-nav-icon.component.ts
- L5-10 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-nav-header/dot-nav-header.component.ts
- L8-13 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-message-display/dot-message-display.component.ts
- L18-24 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-listing-data-table/dot-listing-data-table.component.ts
- L48-78 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-listing-data-table/action-header/action-header.component.ts
- L19-25 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-large-message-display/dot-large-message-display.component.ts
- L32-38 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-language-selector/dot-language-selector.component.ts
- L20-26 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-iframe-dialog/dot-iframe-dialog.component.ts
- L18-23 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-field-helper/dot-field-helper.component.ts
- L6-11 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-device-selector/dot-device-selector.component.ts
- L24-31 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-crumbtrail/dot-crumbtrail.component.ts
- L6-12 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-copy-link/dot-copy-link.component.ts
- L17-23 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-reorder-menu/dot-reorder-menu.component.ts
- L7-11 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-edit-contentlet/dot-edit-contentlet.component.ts
- L16-21 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-create-contentlet/dot-create-contentlet.component.ts
- L21-26 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-create-contentlet/dot-create-contentlet.component.spec.ts
- L46-49 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-contentlet-wrapper/dot-contentlet-wrapper.component.ts
- L34-39 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-add-contentlet/dot-add-contentlet.component.ts
- L16-21 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-content-type-selector/dot-content-type-selector.component.ts
- L15-20 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-container-selector/dot-container-selector.component.ts
- L21-27 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-base-type-selector/dot-base-type-selector.component.ts
- L15-20 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-add-persona-dialog/dot-create-persona-form/dot-create-persona-form.component.ts
- L26-40 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-add-persona-dialog/dot-add-persona-dialog.component.ts
- L17-22 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/searchable-dropdown/component/searchable-dropdown.component.ts
- L41-62 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/iframe/iframe-porlet-legacy/iframe-porlet-legacy.component.ts
- L19-24 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/iframe/iframe-component/iframe.component.ts
- L28-33 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/iframe/dot-loading-indicator/dot-loading-indicator.component.ts
- L7-13 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/forms/dot-push-publish-form/dot-push-publish-form.component.ts
- L49-66 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/forms/dot-comment-and-assign-form/dot-comment-and-assign-form.component.ts
- L44-57 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-workflows-selector-field/dot-workflows-selector-field.component.ts
- L13-25 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-workflows-actions-selector-field/dot-workflows-actions-selector-field.component.ts
- L31-43 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-wizard/dot-wizard.component.ts
- L36-41 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-textarea-content/dot-textarea-content.component.ts
- L21-34 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-textarea-content/dot-textarea-content.component.spec.ts
- L20-31 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-site-selector/dot-site-selector.component.ts
- L37-44 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-site-selector-field/dot-site-selector-field.component.ts
- L16-28 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-push-publish-env-selector/dot-push-publish-env-selector.component.ts
- L13-26 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-push-publish-dialog/dot-push-publish-dialog.component.ts
- L28-42 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-push-publish-dialog/dot-push-publish-dialog.component.spec.ts
- L36-40 - Triage
- L43-46 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-page-selector/dot-page-selector.component.ts
- L52-72 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-overlay-mask/dot-overlay-mask.component.ts
- L3-8 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-md-icon-selector/dot-md-icon-selector.component.ts
- L4-17 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-inline-edit/dot-inline-edit.component.ts
- L7-11 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-global-message/dot-global-message.component.ts
- L24-29 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-generate-secure-password/dot-generate-secure-password.component.ts
- L13-19 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-empty-state/dot-empty-state.component.ts
- L5-10 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-download-bundle-dialog/dot-download-bundle-dialog.component.ts
- L36-50 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-custom-time.component/dot-custom-time.component.ts
- L5-12 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-bulk-information/dot-bulk-information.component.ts
- L8-13 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-autocomplete-tags/dot-autocomplete-tags.component.ts
- L18-30 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-alert-confirm/dot-alert-confirm.ts
- L12-16 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-action-button/dot-action-button.component.ts
- L24-29 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/dot-content-types.component.ts
- L56-76 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/dot-content-types.component.spec.ts
- L115-118 - Triage
- L123-126 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/components/dot-content-type-copy-dialog/dot-content-type-copy-dialog.component.ts
- L43-60 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/components/dot-add-to-menu/dot-add-to-menu.component.ts
- L44-59 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/dot-content-types-edit.component.spec.ts
- L72-75 - Triage
- L82-85 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/layout/content-types-layout.component.ts
- L43-66 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/layout/content-types-layout.component.spec.ts
- L76-79 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/form/content-types-form.component.ts
- L70-93 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/dot-content-type-fields-variables/dot-content-type-fields-variables.component.ts
- L16-22 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-types-fields-list/content-types-fields-list.component.ts
- L21-26 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/new-render-mode-proptery/new-render-mode-property.component.ts
- L14-19 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-relationships-property.component.ts
- L27-41 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-new-relationships/dot-new-relationships.component.ts
- L25-38 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-edit-relationship/dot-edit-relationships.component.ts
- L35-40 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-edit-relationship/dot-edit-relationships.component.spec.ts
- L50-53 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-cardinality-selector/dot-cardinality-selector.component.ts
- L20-25 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-drop-zone/content-type-fields-drop-zone.component.spec.ts
- L79-82 - Triage
- L92-95 - Triage
- L111-114 - Triage
- L125-128 - Triage
- L434-437 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-add-row/content-type-fields-add-row.component.ts
- L33-38 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-list/dot-template-list.component.ts
- L47-67 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-props/dot-template-thumbnail-field/dot-template-thumbnail-field.component.ts
- L23-36 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-props/dot-template-props.component.ts
- L31-49 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-props/dot-template-props.component.spec.ts
- L28-32 - Triage
- L41-51 - Triage
- L70-80 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-new/dot-template-new.component.ts
- L12-17 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-create-edit.component.ts
- L32-48 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-create-edit.component.spec.ts
- L58-61 - Triage
- L66-69 - Triage
- L78-81 - Triage
- L86-90 - Triage
- L95-105 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-builder/dot-template-builder.component.ts
- L31-45 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-advanced/dot-template-advanced.component.ts
- L45-57 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-workflow-task/dot-workflow-task.component.ts
- L10-15 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-portlet-detail.component.ts
- L7-12 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-contentlets/dot-contentlets.component.ts
- L10-15 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/guards/dot-pages.guard.spec.ts
- L15-18 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages.component.ts
- L60-86 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages.component.spec.ts
- L64-67 - Triage
- L73-76 - Triage
- L82-85 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages-listing-panel/dot-pages-listing-panel.component.ts
- L36-56 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages-favorite-panel/dot-pages-favorite-panel.component.ts
- L30-35 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages-favorite-panel/dot-pages-card/dot-pages-card.component.ts
- L10-21 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-pages/dot-pages-create-page-dialog/dot-pages-create-page-dialog.component.ts
- L21-38 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-form-builder/dot-form-builder.component.ts
- L13-18 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/seo/components/dot-edit-page-view-as-controller-seo/dot-edit-page-view-as-controller-seo.component.ts
- L38-55 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/seo/components/dot-edit-page-toolbar-seo/dot-edit-page-toolbar-seo.component.ts
- L43-65 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/main/dot-edit-page-nav/dot-edit-page-nav.component.ts
- L42-55 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/main/dot-edit-page-nav/dot-edit-page-nav.component.spec.ts
- L69-75 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/main/dot-edit-page-main/dot-edit-page-main.component.ts
- L28-43 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/layout/dot-edit-layout/dot-edit-layout.component.ts
- L34-39 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/layout/components/dot-template-additional-actions/dot-legacy-template-additional-actions-iframe/dot-legacy-template-additional-actions-iframe.component.ts
- L12-16 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/dot-edit-content.component.ts
- L87-112 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/dot-edit-content.component.spec.ts
- L146-149 - Triage
- L152-156 - Triage
- L159-162 - Triage
- L167-170 - Triage
- L176-179 - Triage
- L186-189 - Triage
- L200-203 - Triage
- L214-217 - Triage
- L223-226 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-whats-changed/dot-whats-changed.component.ts
- L15-20 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-form-selector/dot-form-selector.component.ts
- L23-29 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-workflows-actions/dot-edit-page-workflows-actions.component.ts
- L38-44 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-view-as-controller/dot-edit-page-view-as-controller.component.ts
- L33-47 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-toolbar/dot-edit-page-toolbar.component.ts
- L42-63 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-state-controller/dot-edit-page-state-controller.component.ts
- L51-65 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-state-controller/components/dot-edit-page-lock-info/dot-edit-page-lock-info.component.ts
- L13-18 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette.component.ts
- L13-36 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette-input-filter/dot-palette-input-filter.component.ts
- L22-27 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette-contentlets/dot-palette-contentlets.component.ts
- L12-17 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette-content-type/dot-palette-content-type.component.ts
- L9-14 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-edit-page-info/dot-edit-page-info.component.ts
- L16-29 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-block-editor-sidebar/dot-block-editor-sidebar.component.ts
- L33-45 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-block-editor-sidebar/dot-block-editor-sidebar.component.spec.ts
- L74-77 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-loop-editor/dot-loop-editor.component.ts
- L16-33 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-properties/dot-container-properties.component.ts
- L45-73 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-properties/dot-container-properties.component.spec.ts
- L75-78 - Triage
- L81-91 - Triage
- L106-116 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-permissions/dot-container-permissions.component.ts
- L6-11 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-permissions/dot-container-permissions.component.spec.ts
- L10-13 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-history/dot-container-history.component.ts
- L8-13 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-history/dot-container-history.component.spec.ts
- L21-24 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-create.component.ts
- L19-32 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-code/dot-container-code.component.ts
- L30-52 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-code/dot-container-code.component.spec.ts
- L94-100 - Triage
- L114-124 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-code/dot-add-variable/dot-add-variable.component.ts
- L16-22 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/container-list/container-list.component.ts
- L55-81 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/container-list/container-list.component.spec.ts
- L216-219 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-categories/dot-categories-permissions/dot-categories-permissions.component.ts
- L6-11 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-categories/dot-categories-permissions/dot-categories-permissions.component.spec.ts
- L10-13 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-categories/dot-categories-list/dot-categories-list.component.ts
- L25-46 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-categories/dot-categories-create-edit/dot-categories-create-edit.component.ts
- L14-27 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-list/dot-apps-list.component.ts
- L21-35 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-list/dot-apps-list.component.spec.ts
- L37-43 - Triage
- L65-68 - Triage
- L73-76 - Triage
- L84-87 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-list/dot-apps-card/dot-apps-card.component.ts
- L14-29 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-list/dot-apps-card/dot-apps-card.component.spec.ts
- L17-23 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-import-export-dialog/dot-apps-import-export-dialog.component.ts
- L46-59 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration/dot-apps-configuration.component.ts
- L27-39 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration/dot-apps-configuration-list/dot-apps-configuration-list.component.ts
- L12-17 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration/dot-apps-configuration-list/dot-apps-configuration-item/dot-apps-configuration-item.component.ts
- L12-17 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-header/dot-apps-configuration-header.component.ts
- L14-26 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-header/dot-apps-configuration-header.component.spec.ts
- L19-25 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-detail/dot-apps-configuration-detail.component.ts
- L18-29 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-detail/dot-apps-configuration-detail.component.spec.ts
- L122-125 - Triage
- L133-136 - Triage
- L144-150 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-detail/dot-apps-configuration-detail-generated-string-field/dot-apps-configuration-detail-generated-string-field.component.ts
- L60-85 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration-detail/dot-apps-configuration-detail-form/dot-apps-configuration-detail-form.component.ts
- L43-62 - Triage
core-web/apps/dotcms-ui/src/app/app.component.ts
- L13-18 - Triage

Risk: Affected versions of @angular/compiler are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). A stored XSS vulnerability in the Angular Template Compiler arises because its internal security schema doesn't classify certain URL‐ holding attributes (e.g. xlink:href, math|href, annotation|href) or the attributeName binding on SVG animation elements (<animate>, <set>, etc.) as requiring strict URL sanitization. An attacker who can supply untrusted input to template bindings like [attr.xlink:href] or <animate [attributeName]="'href'" [values]="maliciousURL"> can inject a javascript: URL payload. When the element is activated (e.g. clicked) or the animation runs, the malicious script executes in the application's origin, enabling session hijacking, data exfiltration, or unauthorized actions.

Manual Review Advice: A vulnerability from this advisory is reachable if you allow SVG/MathML attributes (e.g., xlink:href, href) or to the attributeName field of SVG animation tags (, , etc.) in HTML templates

Fix: Upgrade this library to at least version 20.3.15 at core/core-web/yarn.lock:557.

Reference(s): https://github.com/advisories/GHSA-v4hv-rgfq-gp49, CVE-2025-66412

If this is a critical or high severity finding, please also link this issue in the #security channel in Slack.

Semgrep found 56 ssc-7ddcc10e-5a2c-4829-a735-554dbcd822d1 findings:

core-web/libs/template-builder/src/lib/components/template-builder/template-builder.component.stories.ts
- L38 - Triage
core-web/libs/template-builder/src/lib/components/template-builder/template-builder.component.spec.ts
- L60 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-layout/edit-ema-layout.component.spec.ts
- L91 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-palette-list/dot-uve-palette-list.component.spec.ts
- L71 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-favorite-selector/dot-favorite-selector.component.spec.ts
- L48 - Triage
core-web/libs/portlets/edit-ema/portlet/src/lib/dot-ema-shell/dot-ema-shell.component.spec.ts
- L221 - Triage
core-web/libs/portlets/dot-usage/src/lib/services/dot-usage.service.spec.ts
- L42 - Triage
core-web/libs/portlets/dot-usage/src/lib/dot-usage-shell/dot-usage-shell.component.spec.ts
- L56 - Triage
core-web/libs/portlets/dot-locales/portlet/src/lib/dot-locales-list/dot-locales-list.component.spec.ts
- L50 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-folder-list-context-menu/dot-folder-list-context-menu.component.spec.ts
- L101 - Triage
core-web/libs/portlets/dot-content-drive/portlet/src/lib/components/dot-content-drive-toolbar/components/dot-content-drive-workflow-actions/dot-content-drive-workflow-actions.component.spec.ts
- L37 - Triage
core-web/libs/edit-content/src/lib/store/features/workflow/workflow.feature.spec.ts
- L85 - Triage
core-web/libs/edit-content/src/lib/store/features/content/content.feature.spec.ts
- L79 - Triage
core-web/libs/edit-content/src/lib/store/edit-content.store.spec.ts
- L70 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.spec.ts
- L90 - Triage
core-web/libs/edit-content/src/lib/components/dot-edit-content-form/dot-edit-content-form.component.spec.ts
- L158 - Triage
core-web/libs/edit-content/src/lib/components/dot-create-content-dialog/dot-create-content-dialog.component.spec.ts
- L81 - Triage
core-web/libs/data-access/src/lib/dot-page-contenttype/dot-page-contenttype.service.spec.ts
- L26 - Triage
core-web/apps/dotcms-ui/src/app/view/components/main-legacy/main-legacy.component.spec.ts
- L133 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-workflow-task-detail/dot-workflow-task-detail.component.spec.ts
- L34 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/components/dot-toolbar-user/store/dot-toolbar-user.store.spec.ts
- L72 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-toolbar/components/dot-toolbar-user/dot-toolbar-user.component.spec.ts
- L99 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-theme-selector-dropdown/dot-theme-selector-dropdown.component.spec.ts
- L168 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-persona-selector/dot-persona-selector.component.spec.ts
- L131 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/services/dot-navigation.service.spec.ts
- L258 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/dot-navigation.component.spec.ts
- L60 - Triage
- L246 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-sub-nav/dot-sub-nav.component.spec.ts
- L44 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-navigation/components/dot-nav-item/dot-nav-item.component.spec.ts
- L127 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-iframe-dialog/dot-iframe-dialog.component.spec.ts
- L47 - Triage
core-web/apps/dotcms-ui/src/app/view/components/dot-contentlet-editor/components/dot-create-contentlet/dot-create-contentlet.component.spec.ts
- L65 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-push-publish-dialog/dot-push-publish-dialog.component.spec.ts
- L85 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-inline-edit/dot-inline-edit.component.spec.ts
- L37 - Triage
core-web/apps/dotcms-ui/src/app/view/components/_common/dot-alert-confirm/dot-alert-confirm.spec.ts
- L33 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/dot-content-types.component.spec.ts
- L177 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-listing/components/dot-add-to-menu/dot-add-to-menu.component.spec.ts
- L123 - Triage
- L135 - Triage
core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/form/content-types-form.component.spec.ts
- L167 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-builder/dot-template-builder.component.spec.ts
- L127 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-templates/dot-template-create-edit/dot-template-advanced/dot-template-advanced.component.spec.ts
- L127 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-workflow-task/dot-workflow-task.component.spec.ts
- L97 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-portlet-detail.component.spec.ts
- L106 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-porlet-detail/dot-contentlets/dot-contentlets.component.spec.ts
- L76 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-form-builder/dot-form-builder.component.spec.ts
- L24 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/seo/components/dot-edit-page-toolbar-seo/dot-edit-page-toolbar-seo.component.spec.ts
- L277 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/main/dot-edit-page-nav/dot-edit-page-nav.component.spec.ts
- L107 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/layout/dot-edit-layout/dot-edit-layout.component.spec.ts
- L72 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/layout/components/dot-template-additional-actions/dot-legacy-template-additional-actions-iframe/dot-legacy-template-additional-actions-iframe.component.spec.ts
- L25 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/content/components/dot-edit-page-toolbar/dot-edit-page-toolbar.component.spec.ts
- L214 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette.component.spec.ts
- L140 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-edit-page/components/dot-palette/dot-palette-input-filter/dot-palette-input-filter.component.spec.ts
- L34 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/resolvers/dot-container-edit.resolver.spec.ts
- L53 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-containers/dot-container-create/dot-container-create.component.spec.ts
- L42 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-categories/dot-categories-create-edit/dot-categories-create-edit.component.spec.ts
- L38 - Triage
core-web/apps/dotcms-ui/src/app/portlets/dot-apps/dot-apps-configuration/dot-apps-configuration-resolver.service.spec.ts
- L46 - Triage
core-web/apps/dotcms-ui/src/app/app.component.spec.ts
- L41 - Triage

Risk: Affected versions of @angular/common are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor / Insertion of Sensitive Information Into Sent Data. HttpClient incorrectly treats protocol-relative URLs as same-origin and attaches the X-XSRF-TOKEN header, allowing an attacker-triggered request to leak the victim’s XSRF token to an attacker-controlled domain.

Fix: Upgrade this library to at least version 20.3.14 at core/core-web/yarn.lock:536.

Reference(s): https://github.com/advisories/GHSA-58c5-g7wp-6w37, CVE-2025-66035

If this is a critical or high severity finding, please also link this issue in the #security channel in Slack.

Dec 09 '25 22:12 semgrep-code-dotcms-test[bot]