WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin My Bootstrap Menu versions = 1.2.1...

Security Bulletin: Vulnerability in Bootstrap (CVE-2024-6531) affects Power HMC.

Summary The Bootstrap library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-6531 DESCRIPTION: Node.js Bootstrap module is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

WordPress plugin My Bootstrap Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Malicious code in airbnb-bootstrap-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ab32fc1acc308cef69cd2c28a15f3ca79fb2ebeec3a94c3ece78de110b9229c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-27825

An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27826

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27826

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27825

An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27826

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27825

An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27825

An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27826

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...

CVE-2025-27825

CVE-2025-27825 affects Backdrop CMS using the Bootstrap 5 Lite theme prior to 1.x-1.0.3. Root cause: insufficient sanitization of certain class names in the theme, enabling an XSS vulnerability. Public exploitation details are not provided in the connected documents. No remediation details are ex...

CVE-2025-27826

CVE-2025-27826 affects Backdrop CMS via the Bootstrap Lite theme (before 1.x-1.4.5). The underlying issue is insufficient sanitization of certain class names, enabling cross-site scripting (XSS). The citation shows a CVSS v3.1 base score of 6.4 (Medium) with network attack vector and low privileg...

Linux Distros Unpatched Vulnerability : CVE-2024-6485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting XSS attacks. The vulnerability is associated with the...

Linux Distros Unpatched Vulnerability : CVE-2019-8331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CVE-2019-8331 Note that Nessus relies on th...

Linux Distros Unpatched Vulnerability : CVE-2016-10735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6

CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6. A patched version of the package is available...

CVE-2021-36373 affecting package javapackages-bootstrap for versions less than 1.5.0-6

CVE-2021-36373 affecting package javapackages-bootstrap for versions less than 1.5.0-6. A patched version of the package is available...

CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36374)

The version of ant / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36374 advisory. - When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant buil...