CVE-2015-7565

Published Apr 13, 2017

Last updated a year ago

CVSS medium 6.1

Overview

Description: Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8615A1CB-0FBA-4E10-BBA5-6A440BB3F609"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EDF2C2F-888E-46A5-8359-A6F7E224C9BE"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C82522C3-F56A-4801-B83A-04AC651C111B"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60D9D2D6-B06F-4594-8A33-A04FD03A5E9B"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53DF7E69-0E76-404A-AF28-0D0B6895CEE0"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D03A919D-607F-4D76-940E-5AFA80B0E28C"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02C06FFD-0927-4E56-9922-4A50A5FE2252"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1037B00-0ED5-49E1-B6C2-9A641390C7C2"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F2AA0AA-A329-467A-BACE-2C3F5DF55283"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3CEA724-355C-4B1B-B7CA-0CA83FE4F951"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "289C8EE7-BCF3-4838-B4C3-9F591A9AAD08"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "561FC98E-E163-4016-829E-5C6DF8952494"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F1781B6-9346-44C6-99BC-B4D79330CF3B"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A1B6AA3-0A12-47C5-B18A-0267ECDCC7A5"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F45E154C-3E90-4291-9915-2452BBCCB5CC"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F6C5973-AC8E-497D-A699-5528DA32FAD3"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E20CB5A6-0A2C-4487-9080-664FBE92C64C"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD5E74F0-BA7D-43CC-BB45-A5B172CF59A9"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9287178-886B-471F-B583-AA2F9050EE9E"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D81AFC84-5175-4057-A4EC-FAA536A684E1"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EC0B1BD-6C77-46FC-986B-55C6544369A4"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85D5DE5E-6C11-45C9-9F34-35F3243E7644"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B48E1D0A-452A-430C-8D16-90CC73C06CB4"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:1.13.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10C90F7E-E0FA-430B-96EF-84ED5499BBBB"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E0ED305-130C-4A9A-BCB2-49120CB82CB7"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B910248A-05B2-4EEC-B75F-8D53525BF356"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EBEE7B0-CEA8-426D-AB60-F1A159A2E99C"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D3CE82A-0EB5-4D37-993A-08B4C9EEB71D"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CF4A0B3-39B8-4EF0-84B4-E941783EA5CF"
          },
          {
            "criteria": "cpe:2.3:a:emberjs:ember.js:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0C9116C-2784-4576-8C43-B80983486FFD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References