78 matches found
CVE-2023-32711
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework CVE-2019-8331 and build a stored cross-site scripting XSS payload...
F5 Networks BIG-IP : Bootstrap vulnerability (K05380109)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K05380109 advisory. In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.CVE-2018-14041ImpactAn attacker...
SUSE CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
bootstrap: XSS in the data-target attribute
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
Ecommerce CodeIgniter Bootstrap 1.0 Cross Site Scripting
Title: Ecommerce-CodeIgniter-Bootstrap-1.0 Cross-site scripting reflected RCE Author: nu11secur1ty Date: 10.29.2022 Vendor: https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap Software: https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/archive/refs/heads/master.zip...
com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +493 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=2.3.0 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.3.0, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...
@7ninjas/scss-mixins (=1.0.0-alpha3), @afiniti/design-system (>=0.0.1 <=0.0.8) +247 more potentially affected by CVE-2018-14040 via bootstrap (>=4.0.0 <=4.1.1)
bootstrap NPM version =4.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.0.0, =0.0.16, =0.0.1, =1.0.0, =2.0.0-alpha, =2.3.2, =1.0.0, =1.0.3 - @evoxmusic/angular =0.7.5 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2018-14040 via bootstrap (>=3.1.1 <=3.3.7)
bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...
F5 Networks BIG-IP : Bootstrap vulnerability (K19785240)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K19785240 advisory. - In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. CVE-2018-14042 Note that Nessus has not...
F5 Networks BIG-IP : Bootstrap vulnerability (K48382137)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K48382137 advisory. - In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. CVE-2018-14040 Note that Nessus has not...
bootstrap: XSS in the affix configuration target property
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...
bootstrap: XSS in the data-target attribute
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
CVE-2019-17095
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In ord...
F5 Networks BIG-IP : Bootstrap vulnerability (K24383845)
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CVE-2019-8331 Impact An attacker can inject a malicious script into a client browser. Additionally, an attacker can trick auser into running malicious code. C Tenable, Inc. The...
bootstrap: XSS in the tooltip or popover data-template attribute
A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired...
8bit-ghost-ui (>=1.0.0-beta.1 <=1.0.0-beta.2), @7ninjas/scss-mixins (=1.0.0-alpha3) +498 more potentially affected by CVE-2019-8331 via bootstrap (>=4.0.0 <=4.3.0)
bootstrap NPM version =4.0.0, =1.0.0-beta.1, =1.0.1, =1.0.3, =1.0.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.0.0, =1.0.0, =0.0.0, =1.0.0, =1.0.2 and more Source cves: CVE-2019-8331 Source advisory: OSV:GHSA-9V3M-8FP8-MJ99...
com.alilitech:boot-plus-generator (>=1.1.0 <=1.3.7), com.alilitech:boot-plus-log (>=1.2.0 <=2.0.5) +48 more potentially affected by CVE-2019-8331 via org.webjars:bootstrap (>=4.0.0 <=4.2.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.1.0, =1.2.0, =1.1.0, =1.16.0, =3.2.2, =1.0.3.RELEASE, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =2.0.0, =2.3.0 and more Source cves: CVE-2019-8331 Source advisory: OSV:GHSA-9V3M-8FP8-MJ99...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +470 more potentially affected by CVE-2019-8331 via org.webjars:bootstrap (>=3.0.0 <=3.4.0)
org.webjars:bootstrap MAVEN version =3.0.0, =1, =1, =4.1.0, =4.2.0, =4.1.0, =4.1.0, =0.1, =1.0.6.OSS, =0.1.1, =0.1.1, =0.4.5-P24 and more Source cves: CVE-2019-8331 Source advisory: OSV:GHSA-9V3M-8FP8-MJ99...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +458 more potentially affected by CVE-2019-8331 via bootstrap (>=3.1.1 <=3.4.0)
bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2019-8331 Source advisory: OSV:GHSA-9V3M-8FP8-MJ99...