Malicious code in private-ora-react-bootstrap-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f70d86f10e498a68c8467eb0549e813ea9e7d89fa7faabb6bde280ca072604c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123385

Malicious code in private-ora-react-bootstrap-library npm...

MAL-2025-19715 Malicious code in epimetheus-mensa-sedimentology-react-bootstrap (npm)

The package epimetheus-mensa-sedimentology-react-bootstrap was found to contain malicious code...

Sifchain: Bootstrap library is vulnerable

Summary: The identified library bootstrap, version 4.0.0 is vulnerable Steps To Reproduce: Please upgrade to the latest version of bootstrap. Supporting Material/References: https://github.com/twbs/bootstrap/issues/28236 https://github.com/twbs/bootstrap/issues/20184 Impact XSS was possible in th...

Cross-site Scripting (XSS)

bootstrap is vulnerable to Cross-site Scripting XSS. The library does not properly sanitize the parent variable in collapse.js, allowing a malicious user to inject and execute arbitrary Javascript...