Bootstrap Security Vulnerabilities and Issues — Bootstrap CVE List

Lucene search

GetbootstrapBootstrap

9 matches found

CVE•added 2019/02/20 4:29 p.m.•1348 views

CVE-2019-8331

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

6.1CVSS5.8AI score0.02292EPSS

CVE•added 2018/07/13 2:29 p.m.•666 views

CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

6.1CVSS6.1AI score0.01633EPSS

CVE•added 2019/01/09 5:29 a.m.•622 views

CVE-2018-20676

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

6.1CVSS6AI score0.06255EPSS

CVE•added 2018/07/13 2:29 p.m.•543 views

CVE-2018-14042

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

6.1CVSS6.1AI score0.017EPSS

CVE•added 2019/01/09 5:29 a.m.•451 views

CVE-2018-20677

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

6.1CVSS6AI score0.14795EPSS

CVE•added 2019/01/09 5:29 a.m.•440 views

CVE-2016-10735

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

6.1CVSS6.2AI score0.0788EPSS

CVE•added 2024/07/11 6:15 p.m.•275 views

CVE-2024-6531

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This vu...

6.4CVSS6AI score0.00066EPSS

CVE•added 2018/07/13 2:29 p.m.•270 views

CVE-2018-14041

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

6.1CVSS6AI score0.0788EPSS

CVE•added 2024/07/11 5:15 p.m.•217 views

CVE-2024-6484

6.4CVSS5.9AI score0.00044EPSS