Lucene search

K

RedhatCVELIST:CVE-2014-0046

HistoryFeb 27, 2014 - 3:00 p.m.

CVE-2014-0046

2014-02-2715:00:00

redhat

www.cve.org

2

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers to inject arbitrary web script or HTML via the title attribute.

References

emberjs.com/blog/2014/02/07/ember-security-releases.html

secunia.com/advisories/56965

www.openwall.com/lists/oss-security/2014/02/14/6

www.securityfocus.com/bid/65579

exchange.xforce.ibmcloud.com/vulnerabilities/91242

groups.google.com/forum/#%21topic/ember-security/1h6FRgr8lXQ

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

Related for CVELIST:CVE-2014-0046

nvd1 cve1 osv1 github1 prion1