Lucene search
K

50 matches found

OSV
OSV
added 2019/02/20 4:29 p.m.2 views

DEBIAN-CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6AI score0.1686EPSS
Exploits1References1
OSV
OSV
added 2019/02/20 4:29 p.m.37 views

CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.1AI score
Exploits0References27
Cvelist
Cvelist
added 2019/02/20 4:0 p.m.30 views

CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1AI score0.1686EPSS
Exploits1References27
CVE
CVE
added 2019/02/20 4:0 p.m.1552 views

CVE-2019-8331

CVE-2019-8331 affects Bootstrap: XSS in tooltip/popover data-template attribute observed in Bootstrap 3.4.1 and 4.3.x before 4.3.1. The underlying issue is an input that can inject script into a client browser when the vulnerable template is rendered. Affected versions include Bootstrap 3.x prior...

6.1CVSS5.8AI score0.1686EPSS
Exploits1References27Affected Software1
Debian CVE
Debian CVE
added 2019/02/20 4:0 p.m.63 views

CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.5AI score0.1686EPSS
Exploits1
GitLab Advisory Database
GitLab Advisory Database
added 2019/02/20 12:0 a.m.49 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS1.6AI score0.1686EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2019/02/15 12:0 a.m.41 views

XSS vulnerability in bootstrap-sass

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.3AI score0.1686EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2019/02/15 12:0 a.m.34 views

XSS vulnerability in bootstrap

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS6.3AI score0.1686EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2019/02/14 8:50 a.m.51 views

Cross-site Scripting (XSS)

bootstrap is vulnerable to Cross-site Scripting XSS. The attack exists because it does not escape the data-template, data-content and data-title options for tooltip/popover plugins, allowing to inject malicious script through it...

6.1CVSS5.9AI score0.1686EPSS
Exploits1References39Affected Software16
CVE
CVE
added 2018/04/22 3:0 p.m.50 views

CVE-2018-10298

CVE-2018-10298 concerns Discuz! DiscuzX up to X3.4, where a reflected XSS is possible via forum.php?mod=post&action=newthread. The root cause is that data/template/1_diy_portal_view.tpl.php does not restrict user-submitted content, enabling injected scripts. This is documented across multiple fee...

5.4CVSS5.2AI score0.00531EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder