2351 matches found
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php...
CVE-2018-12918
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcBregisterfields in bootstrap.c...
Cross-Site Scripting
Bootstrap Multiselect is vulnerable to Reflective Cross-Site Scripting XSS. The vulnerability is due to unsanitized output of POST data in a PHP script, which allows attackers to execute arbitrary JavaScript in the context of a victim's browser through Cross-Site Request Forgery CSRF...
CVE-2024-12722
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
CVE-2024-12722
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
CVE-2024-12722
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
CVE-2024-12722 Twitter Bootstrap Collapse aka Accordian Shortcode <= 1.0 - Stored XSS via Shortcode
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
CVE-2024-12722 Twitter Bootstrap Collapse aka Accordian Shortcode <= 1.0 - Stored XSS via Shortcode
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
CVE-2024-12722
CVE-2024-12722 affects the WordPress plugin Twitter Bootstrap Collapse aka Accordian Shortcode, alleging Stored Cross-Site Scripting via shortcode attributes in versions
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS. This issue affects Bootstrap version 3.4.1. At time of publication, there is no publicly available patched version...
01.webpack-study (=1.0.0), 0226 (=1.0.0) +3005 more potentially affected by CVE-2025-1647 via bootstrap (=3.4.1)
bootstrap NPM version =3.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap and may be impacted: - 01.webpack-study =1.0.0 - 0226 =1.0.0 - 03-npm =1.0.0 - 2cs-basecode =0.1.0, =4.13.7-rc4, =3.0.1, =3.0.4, =0.0.0-ad-beta.1, =0.0.0-aj-alpha.9,...
GHSA-Q58R-HWC8-RM9J Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS. This issue affects Bootstrap version 3.4.1. At time of publication, there is no publicly available patched version...
CVE-2025-1647
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...
CVE-2025-1647
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...
DEBIAN-CVE-2025-1647
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...
UBUNTU-CVE-2025-1647
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...
cn.jbone:jbone-ui (=1.0.0), io.springlets:springlets-boot-starter-web (>=1.2.0.RC2 <=1.2.0.RELEASE) +56 more potentially affected by CVE-2025-1647 via org.webjars.bower:bootstrap (>=3.4.1 <=4.0.0-beta.3)
org.webjars.bower:bootstrap MAVEN version =3.4.1, =1.2.0.RC2, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.1 and more Source cves: CVE-2025-1647 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-10176070...
com.adrianhurt:play-bootstrap_2.10 (>=1.0-P24-B4 <=1.1.1-P24-B4), com.adrianhurt:play-bootstrap_2.11 (>=1.0-P24-B4 <=1.1.1-P25-B4) +44 more potentially affected by CVE-2025-1647 via org.webjars:bootstrap (>=3.4.1 <=4.0.0-2)
org.webjars:bootstrap MAVEN version =3.4.1, =1.0-P24-B4, =1.0-P24-B4, =2.3.2.RELEASE, =2.3.2.RELEASE, =2.3.2.RELEASE, =2.3.2.RELEASE, =2.3.2.RELEASE, =2.3.2.RELEASE, =2.3.8.RELEASE, =4.2.11, =2.5.0, =2.5.4 and more Source cves: CVE-2025-1647 Source advisory: SNYK:JAVA-ORGWEBJARS-10176068...
Cross-site Scripting (XSS)
Overview org.webjars.bower:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tooltip and Popover components due to improper neutralization of input during web page generation. An...
Cross-site Scripting (XSS)
Overview org.webjars.bowergithub.twbs:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tooltip and Popover components due to improper neutralization of input during web page...