PT-2017-6532 · Ember.Js · Ember.Js

Phillip Haines

·

Published

2017-09-20

·

Updated

2018-08-28

·

CVE-2015-1866

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Ember.js versions 1.10.x through 1.10.0 Ember.js versions 1.11.x through 1.11.1
Description A cross-site scripting (XSS) issue exists.
Recommendations For Ember.js versions 1.10.x through 1.10.0, update to version 1.10.1. For Ember.js versions 1.11.x through 1.11.1, update to version 1.11.2.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2015-1866
GHSA-MP78-R56V-45QC

Affected Products

Ember.Js