CVE-2015-7565

Name of the Vulnerable Software and Affected Versions Ember.js versions 1.8.x through 1.10.x Ember.js versions 1.11.x before 1.11.4 Ember.js versions 1.12.x before 1.12.2 Ember.js versions 1.13.x before 1.13.12 Ember.js versions 2.0.x before 2.0.3 Ember.js versions 2.1.x before 2.1.2 Ember.js versions 2.2.x before 2.2.1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be exploited by attackers to execute malicious scripts on the client-side.

Recommendations For Ember.js versions 1.8.x through 1.10.x, update to a version outside of this range to mitigate the risk. For Ember.js versions 1.11.x before 1.11.4, update to version 1.11.4 or later. For Ember.js versions 1.12.x before 1.12.2, update to version 1.12.2 or later. For Ember.js versions 1.13.x before 1.13.12, update to version 1.13.12 or later. For Ember.js versions 2.0.x before 2.0.3, update to version 2.0.3 or later. For Ember.js versions 2.1.x before 2.1.2, update to version 2.1.2 or later. For Ember.js versions 2.2.x before 2.2.1, update to version 2.2.1 or later.