Groups
Sign in
Groups
Ember.js Security
Conversations
About
Send feedback
Help
Ember.js Security
Contact owners and managers
1–8 of 8
Mark all as read
Report group
0 selected
Tom Dale
12/14/16
[2016-11-29] Security Incident: AWS S3 Access Key Exposure
On November 29th, 2016, the Ember security team was notified that version `2.11.0-beta.1` of the `
unread,
[2016-11-29] Security Incident: AWS S3 Access Key Exposure
On November 29th, 2016, the Ember security team was notified that version `2.11.0-beta.1` of the `
12/14/16
Tom Dale
1/14/16
[CVE-2015-7565] XSS Vulnerability in Ember.js with User-Supplied JSON
There is a vulnerability where values bound to the DOM are not properly escaped if the value provided
unread,
[CVE-2015-7565] XSS Vulnerability in Ember.js with User-Supplied JSON
There is a vulnerability where values bound to the DOM are not properly escaped if the value provided
1/14/16
Matthew Beale
4/14/15
[CVE-2015-1866] Ember.js XSS Vulnerability With {{view "select"}} Options
[CVE-2015-1866] Ember.js XSS Vulnerability With {{view "select"}} Options Data passed as
unread,
[CVE-2015-1866] Ember.js XSS Vulnerability With {{view "select"}} Options
[CVE-2015-1866] Ember.js XSS Vulnerability With {{view "select"}} Options Data passed as
4/14/15
Tom Dale
12/23/14
Ember 1.9.1 with XSS Improvements Released
We've just released Ember 1.9.1 with more conservative defaults around escaping bound attributes.
unread,
Ember 1.9.1 with XSS Improvements Released
We've just released Ember 1.9.1 with more conservative defaults around escaping bound attributes.
12/23/14
Tom Dale
2/7/14
[CVE-2014-0046] XSS Vulnerability With {{link-to}} Helper in Non-block Form
XSS Vulnerability With {{link-to}} Helper in Non-block Form There is a vulnerability in the {{link-to
unread,
[CVE-2014-0046] XSS Vulnerability With {{link-to}} Helper in Non-block Form
XSS Vulnerability With {{link-to}} Helper in Non-block Form There is a vulnerability in the {{link-to
2/7/14
Tom Dale
1/14/14
[CVE-2014-0014] Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper
Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper This vulnerability has been
unread,
[CVE-2014-0014] Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper
Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper This vulnerability has been
1/14/14
Tom Dale
1/14/14
[CVE-2014-0013] Potential XSS Exploit With User-Supplied Data When Binding Primitive Values
Potential XSS Exploit With User-Supplied Data When Binding Primitive Values This vulnerability has
unread,
[CVE-2014-0013] Potential XSS Exploit With User-Supplied Data When Binding Primitive Values
Potential XSS Exploit With User-Supplied Data When Binding Primitive Values This vulnerability has
1/14/14
Tom Dale
7/25/13
[CVE-2013-4170] Potential XSS Exploit When Binding `tagName` to User-Supplied Data
Potential XSS Exploit When Binding `tagName` to User-Supplied Data This vulnerability has been
unread,
[CVE-2013-4170] Potential XSS Exploit When Binding `tagName` to User-Supplied Data
Potential XSS Exploit When Binding `tagName` to User-Supplied Data This vulnerability has been
7/25/13