Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Template Injection

Advisories

Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Template Injection

severity: critical
date: 4/22/2026
Affecting: SicuroWeb (the web-based management interface of the Sicuro24 platform)
All versions that implement AngularJS 1.5.2
An affected version range remains undefined
CVE: CVE-2026-41468
CWE: CWE-1104 Use of Unmaintained Third-Party Components
CVSS: 9.3
CVSS V4 Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
References: Researcher Disclosure
PoC
Advisory
Vendor Webpage
Credit: Jean-Marie Bourbon of Bourbon Offensive Security Services
Description: Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these primitives allow attackers to escape the AngularJS sandbox and achieve arbitrary JavaScript execution in operator browser sessions, enabling session hijacking, DOM manipulation, and persistent browser compromise. Network-adjacent attackers can deliver the complete injection and escape chain via MITM in plaintext HTTP deployments without active user interaction.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo