CVE-2015-1866: Vulnerability With {{view "select"}} Options

September 20, 2017 (updated September 27, 2017)

In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, a change made to the implementation of the select view means that any user-supplied data bound to an option’s label will not be escaped correctly. In applications that use Ember’s select view and pass user-supplied content to the label, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain (“XSS”).

References

groups.google.com/forum/

Code Behaviors & Features

Detect and mitigate CVE-2015-1866 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →