50 matches found
DEBIAN-CVE-2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
CVE-2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
CVE-2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
CVE-2019-8331
CVE-2019-8331 affects Bootstrap: XSS in tooltip/popover data-template attribute observed in Bootstrap 3.4.1 and 4.3.x before 4.3.1. The underlying issue is an input that can inject script into a client browser when the vulnerable template is rendered. Affected versions include Bootstrap 3.x prior...
CVE-2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the tooltip or popover data-template attribute...
XSS vulnerability in bootstrap-sass
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
XSS vulnerability in bootstrap
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...
Cross-site Scripting (XSS)
bootstrap is vulnerable to Cross-site Scripting XSS. The attack exists because it does not escape the data-template, data-content and data-title options for tooltip/popover plugins, allowing to inject malicious script through it...
CVE-2018-10298
CVE-2018-10298 concerns Discuz! DiscuzX up to X3.4, where a reflected XSS is possible via forum.php?mod=post&action=newthread. The root cause is that data/template/1_diy_portal_view.tpl.php does not restrict user-submitted content, enabling injected scripts. This is documented across multiple fee...