Sha256: 4689806c5c22448d7a6695d1cedcc7f96d9b0cf05e6111c889f63153a7e75ee6
Contents?: true
Size: 1.02 KB
Versions: 6
Compression:
Stored size: 1.02 KB
Contents
---
gem: ember-source
cve: 2014-0046
url: https://groups.google.com/forum/#!topic/ember-security/1h6FRgr8lXQ
title: Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form
date: 2014-02-07
description: |
In general, Ember.js escapes or strips any user-supplied content before
inserting it in strings that will be sent to innerHTML. However, a change made
to the implementation of the {{link-to}} helper means that any user-supplied
data bound to the {{link-to}} helper's title attribute will not be escaped
correctly.
In applications that use the {{link-to}} helper in non-block form and bind
the title attribute to user-supplied content, a specially-crafted payload
could execute arbitrary JavaScript in the context of the current domain
("XSS").
All users running an affected release and binding user-supplied data to the
{{link-to}} helper's title attribute should either upgrade or use one of the
workarounds immediately.
patched_versions:
- ~> 1.2.2
- ">= 1.3.2"
unaffected_versions:
- "< 1.2.0"
Version data entries
6 entries across 6 versions & 2 rubygems