Lucene search

2341 matches found

UbuntuCve
added 2022/05/16 3:15 p.m. | 28 views

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

6.8 CVSS | 6.6 AI score | 0.00717 EPSS
Exploits: 1 | References: 3
Prion
added 2022/05/16 3:15 p.m. | 14 views

Design/Logic Flaw

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

3.5 CVSS | 5.2 AI score | 0.00717 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2022/05/16 3:15 p.m. | 1 view

UBUNTU-CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

6.8 CVSS | 6.5 AI score | 0.00717 EPSS
Exploits: 1 | References: 4
Cvelist
added 2022/05/16 2:55 p.m. | 14 views

CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

6.8 CVSS | 5.5 AI score | 0.00717 EPSS
Exploits: 1 | References: 2
CVE
added 2022/05/16 2:55 p.m. | 89 views

CVE-2022-1726

CVE-2022-1726 is a cross-site scripting vulnerability in the Bootstrap Table project when using the Table Export plug-in with exportOptions: htmlContent enabled, in versions prior to 1.20.2. The issue affects the Bootstrap Table code path (wenzhixin/bootstrap-table) and is disclosed as capable of...

6.8 CVSS | 5.4 AI score | 0.00717 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2022/05/16 2:55 p.m. | 5 views

CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

6.8 CVSS | 6 AI score | 0.00717 EPSS
Exploits: 1 | References: 4
Debian CVE
added 2022/05/16 2:55 p.m. | 21 views

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

6.8 CVSS | 0.9 AI score | 0.00717 EPSS
Exploits: 1
CNNVD
added 2022/05/16 12:0 a.m. | 4 views

Bootstrap-Table Cross-Site Scripting Vulnerability

Bootstrap-Table is an open source extension table integrated with some of the most widely used CSS frameworks by individual developers at Wenzhixin. A security vulnerability exists in Bootstrap-Table versions prior to 1.20.2. An attacker could exploit this vulnerability to disclose session cookie...

6.8 CVSS | 6.3 AI score | 0.00717 EPSS
Exploits: 1 | References: 3
vulnersOsv
added 2022/05/14 12:54 a.m. | 2 views

com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +68 more potentially affected by CVE-2016-3081 via org.apache.struts:struts2-core (>=2.3.1.1 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.3.1.1, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.1.0, =1.1.0, =2.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-grid-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-mobile-plugin...

9.3 CVSS | 7.2 AI score | 0.9416 EPSS
Exploits: 12
vulnersOsv
added 2022/05/14 12:54 a.m. | 5 views

com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +68 more potentially affected by CVE-2016-3087 via org.apache.struts:struts2-core (>=2.3.1.1 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.3.1.1, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.1.0, =1.1.0, =2.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-grid-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-mobile-plugin...

9.8 CVSS | 7.2 AI score | 0.81087 EPSS
Exploits: 4
vulnersOsv
added 2022/05/14 12:54 a.m. | 3 views

com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=2.0.2 <=2.0.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (>=2.0.2 <=2.0.4) +42 more potentially affected by CVE-2016-3081 via org.apache.struts:struts2-core (>=2.3.24 <=2.3.24.1)

org.apache.struts:struts2-core MAVEN version =2.3.24, =2.0.2, =2.0.2, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24.1 and more Source cves: CVE-2016-3081 Source advisory: OSV:GHSA-8C6J-FFMF-Q6VM...

9.3 CVSS | 7.2 AI score | 0.9416 EPSS
Exploits: 12
vulnersOsv
added 2022/05/14 12:54 a.m. | 2 views

com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +79 more potentially affected by CVE-2016-4438 via org.apache.struts:struts2-core (>=2.3.1.1 <=2.3.28.1)

org.apache.struts:struts2-core MAVEN version =2.3.1.1, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.1.0, =1.1.0, =2.0.4 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-grid-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-mobile-plugin...

9.8 CVSS | 7.2 AI score | 0.17171 EPSS
Exploits: 2
vulnersOsv
added 2022/05/13 1:7 a.m. | 2 views

@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2018-14040 via bootstrap (>=3.1.1 <=3.3.7)

bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...

6.1 CVSS | 6.6 AI score | 0.04135 EPSS
Exploits: 1
vulnersOsv
added 2022/05/13 1:7 a.m. | 1 view

com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)

org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...

6.1 CVSS | 6.6 AI score | 0.04135 EPSS
Exploits: 1
vulnersOsv
added 2022/05/13 1:7 a.m. | 1 view

@7ninjas/scss-mixins (=1.0.0-alpha3), @afiniti/design-system (>=0.0.1 <=0.0.8) +247 more potentially affected by CVE-2018-14040 via bootstrap (>=4.0.0 <=4.1.1)

bootstrap NPM version =4.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.0.0, =0.0.16, =0.0.1, =1.0.0, =2.0.0-alpha, =2.3.2, =1.0.0, =1.0.3 - @evoxmusic/angular =0.7.5 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...

6.1 CVSS | 6.6 AI score | 0.04135 EPSS
Exploits: 1
vulnersOsv
added 2022/05/13 1:7 a.m. | 1 view

au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +492 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=2.3.0 <=3.3.7)

org.webjars:bootstrap MAVEN version =2.3.0, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =4.1.0, =5.3.3 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...

6.1 CVSS | 6.6 AI score | 0.04135 EPSS
Exploits: 1
OSV
added 2022/05/13 1:7 a.m. | 4 views

GHSA-3WQF-4X89-9G79 Bootstrap vulnerable to Cross-Site Scripting (XSS)

In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute...

6.1 CVSS | 6.9 AI score | 0.04135 EPSS
Exploits: 1 | References: 28
Github Security Blog
added 2022/05/13 1:7 a.m. | 386 views

Bootstrap vulnerable to Cross-Site Scripting (XSS)

In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute...

6.1 CVSS | 6.1 AI score | 0.04135 EPSS
Exploits: 1 | References: 29 | Affected Software: 5
RubySec
added 2022/05/13 12:0 a.m. | 22 views

Bootstrap vulnerable to Cross-Site Scripting (XSS)

In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute...

6.1 CVSS | 6.1 AI score | 0.04135 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CNVD
added 2022/05/09 12:0 a.m. | 26 views

Jfinal CMS Command Injection Vulnerability

Jfinal CMS is a powerful information consulting website developed in Java, using the simple and powerful JFinal as a web framework, template engine with beetl, database with MySQL, front-end Bootstrap framework. Jfinal CMS version 5.0.1 has a command injection vulnerability, which originates from...

7.5 CVSS | 4.5 AI score | 0.01935 EPSS
Exploits: 1 | Affected Software: 1