Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before 1.10.1 and 1.11.x before 1.11.2.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2015/04/14/11 | Exploit Mailing List Mitigation Patch Third Party Advisory |
http://www.securityfocus.com/bid/74185 | Third Party Advisory VDB Entry |
https://emberjs.com/blog/2015/04/14/security-and-bugfix-releases-ember-1-10-1-1-11-2-1-11-3.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-09-20 18:29
Updated : 2024-02-28 16:04
NVD link : CVE-2015-1866
Mitre link : CVE-2015-1866
CVE.ORG link : CVE-2015-1866
JSON object : View
Products Affected
emberjs
- ember.js
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')