{"api_version":"1","generated_at":"2026-06-13T23:29:52+00:00","cve":"CVE-2015-7565","urls":{"html":"https://cve.report/CVE-2015-7565","api":"https://cve.report/api/cve/CVE-2015-7565.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-7565","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-7565"},"summary":{"title":"CVE-2015-7565","description":"Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.","state":"PUBLISHED","assigner":"redhat","published_at":"2017-04-13 14:59:00","updated_at":"2025-04-20 01:37:25"},"problem_types":["CWE-79","n/a"],"metrics":[{"version":"3.0","source":"nvd@nist.gov","type":"Primary","score":"6.1","severity":"MEDIUM","vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","data":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html","name":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"Ember.js - Security Releases - Ember 1.11.4, 1.12.2, 1.13.12, 2.0.3, 2.1.2, 2.2.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://groups.google.com/forum/#%21topic/ember-security/OfyQkoSuppY","name":"https://groups.google.com/forum/#%21topic/ember-security/OfyQkoSuppY","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Google Grupper","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://groups.google.com/forum/#!topic/ember-security/OfyQkoSuppY","name":"CONFIRM:https://groups.google.com/forum/#!topic/ember-security/OfyQkoSuppY","refsource":"MITRE","tags":[],"title":"Google Grupper","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-7565","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7565","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.10.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.11.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.11.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.12.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.13.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"1.9.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"7565","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emberjs","cpe5":"ember.js","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T07:51:28.532Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://groups.google.com/forum/#%21topic/ember-security/OfyQkoSuppY"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-01-14T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-04-13T12:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://groups.google.com/forum/#%21topic/ember-security/OfyQkoSuppY"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2015-7565","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html","refsource":"CONFIRM","url":"http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html"},{"name":"https://groups.google.com/forum/#!topic/ember-security/OfyQkoSuppY","refsource":"CONFIRM","url":"https://groups.google.com/forum/#!topic/ember-security/OfyQkoSuppY"}]}}}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2015-7565","datePublished":"2017-04-13T14:00:00.000Z","dateReserved":"2015-09-29T00:00:00.000Z","dateUpdated":"2024-08-06T07:51:28.532Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2017-04-13 14:59:00","lastModifiedDate":"2025-04-20 01:37:25","problem_types":["CWE-79","n/a"],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.8:*:*:*:*:*:*:*","matchCriteriaId":"8615A1CB-0FBA-4E10-BBA5-6A440BB3F609"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.8.1:*:*:*:*:*:*:*","matchCriteriaId":"3EDF2C2F-888E-46A5-8359-A6F7E224C9BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.9:*:*:*:*:*:*:*","matchCriteriaId":"C82522C3-F56A-4801-B83A-04AC651C111B"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.9.1:*:*:*:*:*:*:*","matchCriteriaId":"60D9D2D6-B06F-4594-8A33-A04FD03A5E9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.10:*:*:*:*:*:*:*","matchCriteriaId":"53DF7E69-0E76-404A-AF28-0D0B6895CEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.10.1:*:*:*:*:*:*:*","matchCriteriaId":"D03A919D-607F-4D76-940E-5AFA80B0E28C"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.11:*:*:*:*:*:*:*","matchCriteriaId":"02C06FFD-0927-4E56-9922-4A50A5FE2252"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.11.1:*:*:*:*:*:*:*","matchCriteriaId":"F1037B00-0ED5-49E1-B6C2-9A641390C7C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.11.2:*:*:*:*:*:*:*","matchCriteriaId":"8F2AA0AA-A329-467A-BACE-2C3F5DF55283"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.11.3:*:*:*:*:*:*:*","matchCriteriaId":"E3CEA724-355C-4B1B-B7CA-0CA83FE4F951"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.12:*:*:*:*:*:*:*","matchCriteriaId":"289C8EE7-BCF3-4838-B4C3-9F591A9AAD08"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.12.1:*:*:*:*:*:*:*","matchCriteriaId":"561FC98E-E163-4016-829E-5C6DF8952494"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13:*:*:*:*:*:*:*","matchCriteriaId":"8F1781B6-9346-44C6-99BC-B4D79330CF3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.1:*:*:*:*:*:*:*","matchCriteriaId":"4A1B6AA3-0A12-47C5-B18A-0267ECDCC7A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.2:*:*:*:*:*:*:*","matchCriteriaId":"F45E154C-3E90-4291-9915-2452BBCCB5CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.3:*:*:*:*:*:*:*","matchCriteriaId":"7F6C5973-AC8E-497D-A699-5528DA32FAD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.4:*:*:*:*:*:*:*","matchCriteriaId":"E20CB5A6-0A2C-4487-9080-664FBE92C64C"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.5:*:*:*:*:*:*:*","matchCriteriaId":"AD5E74F0-BA7D-43CC-BB45-A5B172CF59A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.6:*:*:*:*:*:*:*","matchCriteriaId":"B9287178-886B-471F-B583-AA2F9050EE9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.7:*:*:*:*:*:*:*","matchCriteriaId":"D81AFC84-5175-4057-A4EC-FAA536A684E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.8:*:*:*:*:*:*:*","matchCriteriaId":"7EC0B1BD-6C77-46FC-986B-55C6544369A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.9:*:*:*:*:*:*:*","matchCriteriaId":"85D5DE5E-6C11-45C9-9F34-35F3243E7644"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.10:*:*:*:*:*:*:*","matchCriteriaId":"B48E1D0A-452A-430C-8D16-90CC73C06CB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:1.13.11:*:*:*:*:*:*:*","matchCriteriaId":"10C90F7E-E0FA-430B-96EF-84ED5499BBBB"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.0:*:*:*:*:*:*:*","matchCriteriaId":"9E0ED305-130C-4A9A-BCB2-49120CB82CB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"B910248A-05B2-4EEC-B75F-8D53525BF356"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"8EBEE7B0-CEA8-426D-AB60-F1A159A2E99C"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.1:*:*:*:*:*:*:*","matchCriteriaId":"3D3CE82A-0EB5-4D37-993A-08B4C9EEB71D"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"7CF4A0B3-39B8-4EF0-84B4-E941783EA5CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:emberjs:ember.js:2.2:*:*:*:*:*:*:*","matchCriteriaId":"D0C9116C-2784-4576-8C43-B80983486FFD"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"7565","Ordinal":"1","Title":"CVE-2015-7565","CVE":"CVE-2015-7565","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"7565","Ordinal":"1","NoteData":"Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.","Type":"Description","Title":"CVE-2015-7565"},{"CveYear":"2015","CveId":"7565","Ordinal":"2","NoteData":"2017-04-13","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"7565","Ordinal":"3","NoteData":"2017-04-13","Type":"Other","Title":"Modified"}]}}}