2351 matches found
Cross-site Scripting (XSS)
Overview org.webjars.bowergithub.davidstutz:bootstrap-multiselect is a JQuery multiselect plugin based on Twitter Bootstrap. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the post.php script. An attacker can execute scripts in the context of the user's brows...
CVE-2025-47204
An issue was discovered in post.php in bootstrap-multiselect aka Bootstrap Multiselect 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting XSS vulnerability...
CVE-2025-47204
An issue was discovered in post.php in bootstrap-multiselect aka Bootstrap Multiselect 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting XSS vulnerability...
PT-2025-20925 · Unknown · Bootstrap-Multiselect
Name of the Vulnerable Software and Affected Versions: bootstrap-multiselect version 1.1.2 Description: An issue was discovered in post.php, where a PHP script echoes arbitrary POST data. This could create a Reflective Cross-Site Scripting XSS vulnerability exploitable through Cross-Site Request...
Bootstrap 安全漏洞
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript by Bootstrap Inc. A security vulnerability exists in Bootstrap version 1.1.2, which originates from the post.php file in the code that echoes arbitrary POST data, which could lead to reflective cross-site...
CVE-2025-47204
An issue was discovered in post.php in bootstrap-multiselect aka Bootstrap Multiselect 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting XSS vulnerability...
CVE-2025-47204
An issue was discovered in post.php in bootstrap-multiselect aka Bootstrap Multiselect 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting XSS vulnerability...
CVE-2025-47204
Bootstrap Multiselect
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
Cisco IOS XE Software Bootstrap Arbitrary File Write Vulnerability
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
GHSA-QV97-5QR8-2266 Mithril snapshots for Cardano database could be compromised by an adversary
Impact Mithril certification of Cardano database The Mithril network provides certification for snapshots of the Cardano database, enabling users to quickly bootstrap a Cardano node without relying on the slower peer-to-peer synchronization process. To generate a multi-signature, a minimum...
Cisco IOS XE Software Bootstrap Arbitrary File Write (cisco-sa-bootstrap-KfgxYgdh)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901 Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...