CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в twitter-bootstrap3

A security vulnerability has been discovered in Bootstrap that could enable Cross-Site Scripting XSS attacks. The vulnerability is related to the “data-loading-text” attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into this attribute,...

6.4CVSS6.6AI score0.00139EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-2429

Malicious code in bioql PyPI...

6.4CVSS6.7AI score0.00139EPSS

Exploits0References3

Veracode•added 2025/09/08 4:31 a.m.•6 views

Cross-Site Scripting (XSS)

Bootstrap is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of the data-loading-text attribute in the button plugin, which allows an attacker to inject and execute malicious JavaScript when the button’s loading state is triggered...

6.4CVSS6.4AI score0.00139EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2024/07/11 6:31 p.m.•32 views

Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes

A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting XSS attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribut...

6.4CVSS6AI score0.00139EPSS

Exploits0References4Affected Software1

OSV•added 2024/07/11 6:31 p.m.•2 views

GHSA-VXMC-5X29-H64V Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes

6.4CVSS7AI score0.00139EPSS

Exploits0References4

Snyk•added 2024/07/11 5:40 p.m.•1 views

Cross-site Scripting

Overview org.fujion.webjars:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting through the data-loading-text attribute in the button component. An attacker can execute arbitrary JavaScript code...

6.4CVSS5.6AI score0.00139EPSS

Exploits0References2

Snyk•added 2024/07/11 5:40 p.m.•3 views

Cross-site Scripting

Overview org.webjars.bowergithub.jasny:bootstrap is a popular front-end framework for faster and easier web development. Affected versions of this package are vulnerable to Cross-site Scripting through the data-loading-text attribute in the button component. An attacker can execute arbitrary...

6.4CVSS5.6AI score0.00139EPSS

Exploits0References2

OSV•added 2024/07/11 5:15 p.m.•10 views

CVE-2024-6485

6.4CVSS6AI score0.00139EPSS

Exploits0References1

NVD•added 2024/07/11 5:15 p.m.•16 views

CVE-2024-6485

6.4CVSS0.00139EPSS

Exploits0References2

OSV•added 2024/07/11 5:15 p.m.•1 views

DEBIAN-CVE-2024-6485

6.4CVSS6.6AI score0.00139EPSS

Exploits0References1

OSV•added 2024/07/11 5:15 p.m.•1 views

AZL-71317 CVE-2024-6485 affecting package reaper for versions less than 3.1.1-22

6.4CVSS6.6AI score0.00139EPSS

Exploits0References1

OSV•added 2024/07/11 5:15 p.m.•0 views

UBUNTU-CVE-2024-6485

6.4CVSS6.6AI score0.00139EPSS

Exploits0References4

CVE•added 2024/07/11 5:8 p.m.•128 views

CVE-2024-6485

CVE-2024-6485 is a Bootstrap XSS vulnerability in the button component’s data-loading-text attribute. Affected: Bootstrap 3.x (notably Bootstrap 3.x series); impact is cross-site scripting when the loading state is triggered. Mitigation: Debian LTS advisory indicates fixed in 3.4.1+dfsg-2+deb11u1...

6.4CVSS6AI score0.00139EPSS

Exploits0References2

Debian CVE•added 2024/07/11 5:8 p.m.•11 views

CVE-2024-6485

6.4CVSS6.6AI score0.00139EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by