Lucene search

Bootstrap Security Vulnerabilities

cve

CVE-2016-10735

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

6.1CVSS

6.2AI Score

0.004EPSS

2019-01-09 05:29 AM

312

cve

CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

6.1CVSS

6.1AI Score

0.008EPSS

2018-07-13 02:29 PM

517

cve

CVE-2018-14041

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

6.1CVSS

6AI Score

0.004EPSS

2018-07-13 02:29 PM

192

cve

CVE-2018-14042

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

6.1CVSS

6.1AI Score

0.005EPSS

2018-07-13 02:29 PM

382

cve

CVE-2018-20676

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

6.1CVSS

6AI Score

0.003EPSS

2019-01-09 05:29 AM

377

cve

CVE-2018-20677

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

6.1CVSS

6AI Score

0.004EPSS

2019-01-09 05:29 AM

356

cve

CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

6.1CVSS

5.8AI Score

0.004EPSS

2019-02-20 04:29 PM

993