ember-source Cross-site Scripting vulnerability
Moderate severity
GitHub Reviewed
Published
Aug 28, 2018
to the GitHub Advisory Database
•
Updated Aug 29, 2023
Package
Affected versions
>= 1.8.0, < 1.11.4
>= 1.12.0, < 1.12.2
>= 1.13.0, < 1.13.12
>= 2.0.0, < 2.0.3
>= 2.1.0, < 2.1.2
= 2.2.0
Patched versions
1.11.4
1.12.2
1.13.12
2.0.3
2.1.2
2.2.1
Description
Published to the GitHub Advisory Database
Aug 28, 2018
Reviewed
Jun 16, 2020
Last updated
Aug 29, 2023
Credits
-
oliverchang Analyst
Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.
References