Cross-site Scripting (XSS)

Overview org.webjars.bower:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tooltip and Popover components due to improper neutralization of input during web page generation. An...

bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...

The vulnerability of the tooltip component in Bootstrap, a tool for creating websites and web applications, allows attackers to perform cross-site scripting attacks.

The vulnerability of the tooltip component in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the tooltip and popover components in Bootstrap’s website and web application creation tools allows attackers to execute cross-site scripting attacks.

The vulnerability of the tooltip and popover components in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

DEBIAN-CVE-2018-20676

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...