Lucene search
K

2352 matches found

Friends Of PHP
Friends Of PHP
added 2019/01/22 8:41 a.m.25 views

Cross-Site Scripting in Bootstrap CSS toolkit

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-006...

6.1CVSS9.7AI score0.04293EPSS
Exploits1Affected Software1
Typo3
Typo3
added 2019/01/22 12:0 a.m.108 views

Cross-Site Scripting in Bootstrap CSS toolkit

It has been discovered that the third party library Bootstrap CSS toolkit is vulnerable to cross-site scripting. Details are mentioned in a dedicated vulnerability report at...

4.3CVSS5.9AI score0.04293EPSS
Exploits1Affected Software1
Talos
Talos
added 2019/01/21 12:0 a.m.64 views

Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

9.3CVSS8.2AI score0.01948EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.3 views

@antarctica/bas-style-kit (>=0.5.0 <=0.5.0-beta), @antistatique/retraitespopulaires-styleguide (>=0.0.1 <=1.8.4) +153 more potentially affected by CVE-2018-20677 via bootstrap-sass (>=2.3.2 <=3.3.7)

bootstrap-sass NPM version =2.3.2, =0.5.0, =0.0.1, =0.0.1, =0.533.0, =8.0.0, =0.1.0, =2.0.2, =0.1.0, =0.0.1, =1.0.0, =1.0.1 - @opuscapita/oc-common-ui =8.3.3 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...

6.1CVSS6.6AI score0.03984EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.6 views

au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20677 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)

org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...

6.1CVSS6.6AI score0.03984EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.3 views

@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +456 more potentially affected by CVE-2018-20677 via bootstrap (>=0.0.2 <=3.3.7)

bootstrap NPM version =0.0.2, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...

6.1CVSS6.6AI score0.03984EPSS
Exploits1
OSV
OSV
added 2019/01/17 1:57 p.m.52 views

GHSA-PH58-4VRJ-W6HR bootstrap Cross-site Scripting vulnerability

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property...

6.1CVSS6.2AI score0.03984EPSS
Exploits1References18
Github Security Blog
Github Security Blog
added 2019/01/17 1:57 p.m.284 views

bootstrap Cross-site Scripting vulnerability

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property...

6.1CVSS1.6AI score0.03984EPSS
Exploits1References18Affected Software4
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

@antarctica/bas-style-kit (>=0.5.0 <=0.5.0-beta), @antistatique/retraitespopulaires-styleguide (>=0.0.1 <=1.8.4) +153 more potentially affected by CVE-2018-20676 via bootstrap-sass (>=2.3.2 <=3.3.7)

bootstrap-sass NPM version =2.3.2, =0.5.0, =0.0.1, =0.0.1, =0.533.0, =8.0.0, =0.1.0, =2.0.2, =0.1.0, =0.0.1, =1.0.0, =1.0.1 - @opuscapita/oc-common-ui =8.3.3 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...

6.1CVSS6.6AI score0.03835EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20676 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)

org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...

6.1CVSS6.6AI score0.03835EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +456 more potentially affected by CVE-2018-20676 via bootstrap (>=0.0.2 <=3.3.7)

bootstrap NPM version =0.0.2, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...

6.1CVSS6.6AI score0.03835EPSS
Exploits0
OSV
OSV
added 2019/01/17 1:57 p.m.48 views

GHSA-3MGP-FX93-9XV5 XSS vulnerability that affects bootstrap

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS6.2AI score0.03835EPSS
Exploits0References17
Github Security Blog
Github Security Blog
added 2019/01/17 1:57 p.m.249 views

XSS vulnerability that affects bootstrap

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS2.4AI score0.03835EPSS
Exploits0References17Affected Software4
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2016-10735 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)

org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2016-10735 Source advisory: OSV:GHSA-4P24-VMCR-4GQJ...

6.1CVSS6.6AI score0.0404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

@7ninjas/scss-mixins (>=0.0.0 <=1.0.0-alpha2), @alv-ch/alv-styleguide (>=0.0.1-1.alpha <=0.1.8) +47 more potentially affected by CVE-2016-10735 via bootstrap (=4.0.0-beta)

bootstrap NPM version =4.0.0-beta is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap and may be impacted: - @7ninjas/scss-mixins =0.0.0, =0.0.1-1.alpha, =0.0.1, =0.3.0, =0.0.1, =1.0.0, =0.2.15, =0.0.5, =0.1.0, =0.1.1 and more Source cves:...

6.1CVSS6.6AI score0.0404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.4 views

@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2016-10735 via bootstrap (>=3.1.1 <=3.3.7)

bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2016-10735 Source advisory: OSV:GHSA-4P24-VMCR-4GQJ...

6.1CVSS6.6AI score0.0404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2019/01/17 1:57 p.m.3 views

@antarctica/bas-style-kit (>=0.5.0 <=0.5.0-beta), @antistatique/retraitespopulaires-styleguide (>=0.0.1 <=1.8.4) +153 more potentially affected by CVE-2016-10735 via bootstrap-sass (>=2.3.2 <=3.3.7)

bootstrap-sass NPM version =2.3.2, =0.5.0, =0.0.1, =0.0.1, =0.533.0, =8.0.0, =0.1.0, =2.0.2, =0.1.0, =0.0.1, =1.0.0, =1.0.1 - @opuscapita/oc-common-ui =8.3.3 and more Source cves: CVE-2016-10735 Source advisory: OSV:GHSA-4P24-VMCR-4GQJ...

6.1CVSS6.6AI score0.0404EPSS
Exploits1
OSV
OSV
added 2019/01/17 1:57 p.m.1505 views

GHSA-4P24-VMCR-4GQJ Bootstrap Cross-site Scripting vulnerability

In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different vulnerability than CVE-2018-14041. See https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ for more info...

6.1CVSS6.6AI score0.0404EPSS
Exploits1References18
Github Security Blog
Github Security Blog
added 2019/01/17 1:57 p.m.281 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different vulnerability than CVE-2018-14041. See https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ for more info...

6.1CVSS6.3AI score0.0404EPSS
Exploits1References18Affected Software5
Veracode
Veracode
added 2019/01/17 7:30 a.m.9 views

Cross-Site Scripting (XSS)

bootstrap-vue is vulnerable to cross-site scripting XSS. The option variable is not validated and sanitized, which would allow a remote attacker to inject arbitrary Javascript into a victim's browser to steal session tokens or perform unwanted actions on behalf of the user...

6.2AI score
Exploits0
Rows per page
Query Builder