RSS   Vulnerabilities for 'Bootstrap'   RSS

2022-04-08
 
CVE-2022-26624

CWE-79
 

 
Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.

 
2019-02-20
 
CVE-2019-8331

CWE-79
 

 
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

 
2019-01-09
 
CVE-2018-20677

CWE-79
 

 
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

 
 
CVE-2018-20676

CWE-79
 

 
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

 
 
CVE-2016-10735

CWE-79
 

 
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

 
2018-07-13
 
CVE-2018-14042

CWE-79
 

 
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

 
 
CVE-2018-14041

CWE-79
 

 
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

 
 
CVE-2018-14040

CWE-79
 

 
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

 

 >>> Vendor: Getbootstrap 2 Products
Bootstrap
Bootstrap-sass


Copyright 2024, cxsecurity.com

 

Back to Top