Description

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.

Remediation

References

CVE-2015-7565

Related Vulnerabilities

Claroline Other Vulnerability (CVE-2006-1594)

WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10100)

WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14)

WordPress Plugin Page Builder, Website Builder:Simply Symphony! & Flux Live!-Full Drag And Drop Front End Vi Cross-Site Scripting (0.2.7.9)

WordPress Plugin BuddyPress Multiple Cross-Site Request Forgery Vulnerabilities (2.8.1)

Severity

Medium

Classification

CVE-2015-7565 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities