Description

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.

Remediation

References

CVE-2015-7565

Related Vulnerabilities

WordPress Plugin Ultimate Membership Pro Security Bypass (8.6)

WordPress Plugin All In One Favicon Cross-Site Scripting (4.6)

MySQL CVE-2017-3633 Vulnerability (CVE-2017-3633)

MySQL CVE-2017-10294 Vulnerability (CVE-2017-10294)

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0974)

Severity

Medium

Classification

CVE-2015-7565 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities