1. Angular Server Platform SSRF Guard Found Incomplete After Missing HTTP Absolute-Form Bypass
A security gap in Angular's platform-server package leaves server-side rendering deployments exposed to Server-Side Request Forgery (SSRF) via HTTP absolute-form request targets. The vulnerability exists in the `parseUrl` function within `ServerPlatformLocation`, where a recent patch addressed protocol-relative and bac...