[ember-source] Moderate severity vulnerability that affects ember-source

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before 2.2.1 allows remote attackers to inject arbitrary web script or HTML.

References

• https://nvd.nist.gov/vuln/detail/CVE-2015-7565
• https://github.com/advisories/GHSA-m3q7-rj8g-m457
• https://groups.google.com/forum/#!topic/ember-security/OfyQkoSuppY
• http://emberjs.com/blog/2016/01/14/security-releases-ember-1-11-4-1-12-2-1-13-12-2-0-3-2-1-2-2-2-1.html