XSS vulnerability in bootstrap-sass

2019-02-1421:00:00

RubySec

rubysec.com

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible
in the tooltip or popover data-template attribute.

CPENameOperatorVersion
bootstrap-sasslt3.4.1

CPE	Name	Operator	Version
	bootstrap-sass	lt	3.4.1

References

blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/