Lucene search
K

6 matches found

Cvelist
Cvelist
added yesterday20 views

CVE-2026-36214

osTicket versions from 1.10 up to 1.17.7 and from 1.18.0 up to 1.18.3 are vulnerable to a stored XSS due to a vulnerable Bootstrap Tooltip component and insufficient HTML sanitization, allowing remote attackers to execute arbitrary JavaScript in Agent or Admin sessions...

Exploits2References6
Snyk
Snyk
added 2025/05/15 4:48 p.m.1 views

Cross-site Scripting (XSS)

Overview org.webjars.bower:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tooltip and Popover components due to improper neutralization of input during web page generation. An...

5.6CVSS5.3AI score0.00272EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.7 views

bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

6.1CVSS6.6AI score0.04009EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2020/06/02 12:0 a.m.7 views

The vulnerability of the tooltip component in Bootstrap, a tool for creating websites and web applications, allows attackers to perform cross-site scripting attacks.

The vulnerability of the tooltip component in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6.3AI score0.03835EPSS
Exploits0References13Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/05/21 12:0 a.m.7 views

The vulnerability of the tooltip and popover components in Bootstrap’s website and web application creation tools allows attackers to execute cross-site scripting attacks.

The vulnerability of the tooltip and popover components in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

6.1CVSS6.2AI score0.1686EPSS
Exploits2References18Affected Software4
OSV
OSV
added 2019/01/09 5:29 a.m.5 views

DEBIAN-CVE-2018-20676

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS6.5AI score0.03835EPSS
Exploits0References1
Rows per page
Query Builder