Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.5 views

bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

6.1CVSS6.6AI score0.04009EPSS
Exploits1References4
CNVD
CNVD
added 2020/06/22 12:0 a.m.5 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-41481)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 4.3.0, 4.2.1, and 4.1.2. An attacker can exploit this vulnerability to determine the existence of arbitrary files...

4.9CVSS6.8AI score0.00862EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/17 12:0 a.m.6 views

Bootstrap cross-site scripting vulnerability (CNVD-2018-13372)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript . A cross-site scripting vulnerability exists in the collapse data-parent attribute in Bootstrap versions prior to 4.1.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or...

6.1CVSS6.3AI score0.04135EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/17 12:0 a.m.6 views

Bootstrap Cross-Site Scripting Vulnerability (CNVD-2018-13371)

Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript . A cross-site scripting vulnerability exists in the data-container attribute of tooltip in versions of Bootstrap prior to 4.1.2. A remote attacker can exploit this vulnerability to inject arbitrary web...

6.1CVSS6.3AI score0.04009EPSS
Exploits1References1
OSV
OSV
added 2018/07/13 2:29 p.m.2 views

DEBIAN-CVE-2018-14042

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

6.1CVSS9.1AI score0.04009EPSS
Exploits1References1
OSV
OSV
added 2015/08/05 1:59 a.m.6 views

UBUNTU-CVE-2015-3438

Multiple cross-site scripting XSS vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a 1 four-byte UTF-8 character or 2 invalid character that reaches the database layer, as demonstrated by a crafted...

4.3CVSS5.9AI score0.08467EPSS
Exploits1References3
Rows per page
Query Builder