5 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. CVE-2018-20676 Note that Nessus relies on the presence of the package as...
bootstrap: XSS in the tooltip data-viewport attribute
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...
bootstrap: XSS in the tooltip data-viewport attribute
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...
bootstrap: XSS in the tooltip data-viewport attribute
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...
Bootstrap Cross-Site Scripting Vulnerability (CNVD-2019-23271)
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript . A cross-site scripting vulnerability exists in the tooltip data-viewport attribute in Bootstrap versions prior to 3.4.0, which can be exploited by remote attackers to inject arbitrary web script or HTML...