2 matches found
CVE-2015-7565
Cross-site scripting XSS vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML...
CVE-2015-7565
CVE-2015-7565 is an Ember.js XSS vulnerability affecting multiple branches (1.8.x–2.2.x). The root cause is improper escaping of user-controlled input in templates, allowing remote attackers to inject arbitrary script/HTML. Affected versions include 1.8.x–1.10.x, 1.11.x before 1.11.4, 1.12.x befo...