Description

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.

Remediation

References

CVE-2015-7565

Related Vulnerabilities

PHP Numeric Errors Vulnerability (CVE-2008-2107)

MySQL CVE-2015-0499 Vulnerability (CVE-2015-0499)

PHP Numeric Errors Vulnerability (CVE-2016-4346)

WordPress Plugin AdKlick Advertising Management Unspecified Vulnerability (1.1)

WordPress Plugin Advanced Custom Fields (ACF) Arbitrary File Upload (5.12.2)

Severity

Medium

Classification

CVE-2015-7565 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities