bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute...

bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

bootstrap: XSS in the affix configuration target property

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...

bootstrap: XSS in the tooltip or popover data-template attribute

A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired...

bootstrap: XSS in the tooltip data-viewport attribute

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...

Command execution vulnerability in FastAdmin backend (CNVD-2020-58827)

FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap, and a permission management system based on Auth validation. FastAdmin backend has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Ecommerce CodeIgniter Bootstrap Cross-Site Scripting Vulnerability (CNVD-2020-51509)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . A cross-site scripting vulnerability exists in application/modules/admin/views/advancedsettings/adminUsers.php in...

Ecommerce CodeIgniter Bootstrap cross-site scripting vulnerability (CNVD-2020-51508)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . A cross-site scripting vulnerability exists in application/modules/admin/views/blog/blogpublish.php in Ecommerce CodeIgniter...

Ecommerce CodeIgniter Bootstrap cross-site scripting vulnerability (CNVD-2020-51506)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . Ecommerce-CodeIgniter-Bootstrap An XSS vulnerability exists in previous versions of...

Ecommerce CodeIgniter Bootstrap Cross-Site Scripting Vulnerability (CNVD-2020-51505)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . Ecommerce A cross-site scripting vulnerability exists in application/modules/vendor/views/addproduct.php in previous versions o...

Ecommerce CodeIgniter Bootstrap cross-site scripting vulnerability (CNVD-2020-51507)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript.CodeIgniter is an open source web framework written using the PHP language . Ecommerce CodeIgniter Bootstrap A XSS vulnerability exists in previous versions of...

@0negativ/hawtio-integration (>=4.13.7-rc4 <=4.13.7-rc5), @archey347/uf_blog (=0.0.0) +383 more potentially affected by CVE-2019-20921 via bootstrap-select (>=1.10.0 <=1.13.5)

bootstrap-select NPM version =1.10.0, =4.13.7-rc4, =1.31.0, =1.13.0, =1.0.9, =2.0.0, =0.1.0, =1.0.0, =2.0.0, =2.2.0, =0.0.4, =2.0.0, =2.0.31 and more Source cves: CVE-2019-20921 Source advisory: OSV:GHSA-9R7H-6639-V5MW...

Cross-Site Scripting in bootstrap-select

Versions of bootstrap-select prior to 1.13.6 are vulnerable to Cross-Site Scripting XSS. The package does not escape title values on tags. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation Upgrade to version 1.13.6 or later...

GHSA-9R7H-6639-V5MW Cross-Site Scripting in bootstrap-select

Versions of bootstrap-select prior to 1.13.6 are vulnerable to Cross-Site Scripting XSS. The package does not escape title values on tags. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation Upgrade to version 1.13.6 or later...

CVE-2020-25093

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel...

CVE-2020-25087

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advancedsettings/languages.php...

CVE-2020-25091

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/addproduct.php...

CVE-2020-25092

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel...

CVE-2020-25088

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php...

CVE-2020-25090

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php...