SUSE CVE-2019-10215

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...

Cross-site Scripting in Bootstrap-3-Typeahead

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser. This issue was introduced in commit dbd1af5bf and has not been fixed...

CVE-2019-10215

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...

Cross site scripting

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...

CVE-2019-10215

CVE-2019-10215 is a cross-site scripting vulnerability in Bootstrap-3-Typeahead’s highlighter() function (affecting versions after 4.0.2). Exploitation required user interaction; the issue was introduced in commit dbd1af5bf and has been addressed in later advisories (e.g., GHSA-m2hm-hrr2-6P2Q) an...

Cross-site Scripting (XSS)

github.com/prometheus/prometheus is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the highlighter function was not sanitized and could be used for XSS attacks...