logo
DATABASE RESOURCES PRICING ABOUT US

Bootstrap vulnerability CVE-2019-8331

Description

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. ([CVE-2019-8331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331>)) Impact An attacker can inject a malicious script into a client browser. Additionally, an attacker can trick a user into running malicious code.


Affected Software


CPE Name Name Version
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 15.0.0
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 15.0.1
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 14.0.0
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 14.1.2
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 13.0.0
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 13.1.3
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 12.1.0
big-ip (ltm, aam, afm, analytics, apm, asm, dns, edge gateway, fps, gtm, link controller, pem, webaccelerator) 12.1.5
big-iq centralized management 7.0.0
big-iq centralized management 7.1.0
big-iq centralized management 6.1.0

Related