Sha256: 367e1c3b958fff5987930788f6e44dd6fd795373c0dd63aac7aca574c5bc54fe

Contents?: true

Size: 911 Bytes

Versions: 6

Compression:

Stored size: 911 Bytes

Contents

---
gem: ember-source
cve: 2013-4170
url: https://groups.google.com/forum/#!topic/ember-security/dokLVwwxAdM
title: |
  Ember.js Potential XSS Exploit When Binding `tagName` to User-Supplied Data
date: 2013-07-25
description: |
  In general, Ember.js escapes or strips any user-supplied content
  before inserting it in strings that will be sent to innerHTML.
  However, the `tagName` property of an `Ember.View` was inserted into
  such a string without being sanitized. This means that if an
  application assigns a view's `tagName` to user-supplied data, a
  specially-crafted payload could execute arbitrary JavaScript in the
  context of the current domain ("XSS").

  This vulnerability only affects applications that assign or bind
  user-provided content to `tagName`.
patched_versions:
  - ~> 1.0.0.rc1.1
  - ~> 1.0.0.rc2.1
  - ~> 1.0.0.rc3.1
  - ~> 1.0.0.rc4.1
  - ~> 1.0.0.rc5.1
  - ">= 1.0.0.rc6.1"

Version data entries

6 entries across 6 versions & 2 rubygems

Version                Path
bundler-audit-0.7.0.1  data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml
bundler-budit-0.6.2    data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml
bundler-budit-0.6.1    data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml
bundler-audit-0.6.1    data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml
bundler-audit-0.6.0    data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml
bundler-audit-0.5.0    data/ruby-advisory-db/gems/ember-source/CVE-2013-4170.yml