Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emberjs ember.js vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2013-4170
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a ...
Emberjs Ember.js 1.0.0
Emberjs Ember.js
3.5
CVSSv2
CVE-2014-0014
Ember.js 1.0.x prior to 1.0.1, 1.1.x prior to 1.1.3, 1.2.x prior to 1.2.1, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.0-beta.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a c...
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.3.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.1.2
Emberjs Ember.js 1.1.1
Emberjs Ember.js 1.1.0
Emberjs Ember.js 1.0.0
3.5
CVSSv2
CVE-2014-0013
Ember.js 1.0.x prior to 1.0.1, 1.1.x prior to 1.1.3, 1.2.x prior to 1.2.1, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.0-beta.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context is set t...
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.3.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.1.2
Emberjs Ember.js 1.1.1
Emberjs Ember.js 1.1.0
Emberjs Ember.js 1.0.0
1 Github repository
4.3
CVSSv2
CVE-2015-1866
Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x prior to 1.10.1 and 1.11.x prior to 1.11.2.
Emberjs Ember.js 1.11.0
Emberjs Ember.js 1.10.0
Emberjs Ember.js 1.11.1
4.3
CVSSv2
CVE-2015-7565
Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x up to and including 1.10.x, 1.11.x prior to 1.11.4, 1.12.x prior to 1.12.2, 1.13.x prior to 1.13.12, 2.0.x prior to 2.0.3, 2.1.x prior to 2.1.2, and 2.2.x prior to 2.2.1 allows remote malicious users to inject arbitrary w...
Emberjs Ember.js 1.13
Emberjs Ember.js 1.11.3
Emberjs Ember.js 1.10.1
Emberjs Ember.js 1.13.10
Emberjs Ember.js 1.13.5
Emberjs Ember.js 1.8
Emberjs Ember.js 2.1.1
Emberjs Ember.js 2.0.2
Emberjs Ember.js 1.13.2
Emberjs Ember.js 1.11.1
Emberjs Ember.js 1.13.9
Emberjs Ember.js 2.1
Emberjs Ember.js 2.2
Emberjs Ember.js 1.11
Emberjs Ember.js 1.9.1
Emberjs Ember.js 1.12.1
Emberjs Ember.js 2.0
Emberjs Ember.js 1.9
Emberjs Ember.js 1.10
Emberjs Ember.js 1.13.1
Emberjs Ember.js 1.13.4
Emberjs Ember.js 1.13.6
2.6
CVSSv2
CVE-2014-0046
Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x prior to 1.2.2, 1.3.x prior to 1.3.2, and 1.4.x prior to 1.4.0-beta.6, when used in non-block form, allows remote malicious users to inject arbitrary web script or HTML via the title attribute.
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.3.1
Emberjs Ember.js 1.2.1
Emberjs Ember.js 1.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started