Homepage

ember@1.1.0 vulnerabilities

A framework for creating ambitious web applications.

  • latest version

    1.1.1

  • latest non vulnerable version

    1.0.3

  • first published

    12 years ago

  • latest version published

    1 years ago

  • licenses detected

  • View ember package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the ember package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • L
    Cross-site Scripting (XSS)

    Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper

    In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, a vulnerability has been identified that could lead to unescaped content being inserted into the innerHTML string without being sanitized.

    >=1.4.0-beta.1 <1.4.0-beta.2>=1.3.0 <1.3.1>=1.2.0 <1.2.1>=1.1.0 <1.1.3>=1.0.0 <1.0.1
    Go back to all versions of this package