2352 matches found
CVE-2025-27825
CVE-2025-27825 affects Backdrop CMS using the Bootstrap 5 Lite theme prior to 1.x-1.0.3. Root cause: insufficient sanitization of certain class names in the theme, enabling an XSS vulnerability. Public exploitation details are not provided in the connected documents. No remediation details are ex...
CVE-2025-27826
CVE-2025-27826 affects Backdrop CMS via the Bootstrap Lite theme (before 1.x-1.4.5). The underlying issue is insufficient sanitization of certain class names, enabling cross-site scripting (XSS). The citation shows a CVSS v3.1 base score of 6.4 (Medium) with network attack vector and low privileg...
CVE-2025-27826
An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...
CVE-2025-27825
An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...
CVE-2025-27826
An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names...
Linux Distros Unpatched Vulnerability : CVE-2024-6485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting XSS attacks. The vulnerability is associated with the...
Linux Distros Unpatched Vulnerability : CVE-2016-10735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
Linux Distros Unpatched Vulnerability : CVE-2019-8331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CVE-2019-8331 Note that Nessus relies on th...
CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6
CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6. A patched version of the package is available...
CVE-2021-36373 affecting package javapackages-bootstrap for versions less than 1.5.0-6
CVE-2021-36373 affecting package javapackages-bootstrap for versions less than 1.5.0-6. A patched version of the package is available...
Azure Linux 3.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36374)
The version of ant / javapackages-bootstrap installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36374 advisory. - When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant buil...
CBL Mariner 2.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36374)
The version of ant / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36374 advisory. - When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant buil...
Security Bulletin:Vulnerabiilties in swagger-ui and Bootstrap affect watsonx.data
Summary swagger-ui is vulnerable to conduct spoofing attacks. Bootstrap is vulnerable to cross-site scripting. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: swagger-ui could allow a remote attacker to conduct spoofing attacks. By persuading a victim to...
GHSA-MVPH-H5J7-4H2G vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-MVPH-H5J7-4H2G vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: coredns, skaffold, temporal-ui-server, go-licenses, aws-load-balancer-controller, node-problem-detector, gops, terraform, speedtest-go, gke-gcloud-auth-plugin, minio, tflint, bom, tailscale, nri-mssql, docker-credential-gcr, dex, nerdctl, prometheus-blackbox-exporter...
CVE-2025-26551
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...
CVE-2025-26551
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...
CVE-2025-26551
CVE-2025-26551 concerns the WordPress Bootstrap Collapse plugin (versions
CVE-2025-26551 WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...