Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bootstrap
(Getbootstrap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 7 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-13 | CVE-2018-14040 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | Debian_linux, Bootstrap | 6.1 | ||
| 2018-07-13 | CVE-2018-14041 | In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. | Bootstrap | 6.1 | ||
| 2018-07-13 | CVE-2018-14042 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | Bootstrap | 6.1 | ||
| 2019-01-09 | CVE-2018-20676 | In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | Bootstrap | 6.1 | ||
| 2019-01-09 | CVE-2018-20677 | In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | Bootstrap | 6.1 | ||
| 2019-02-20 | CVE-2019-8331 | In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. | Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_domain_name_system, Big\-Ip_edge_gateway, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Big\-Ip_webaccelerator, Bootstrap, Virtualization_manager, Tenable\.sc | 6.1 | ||
| 2019-01-09 | CVE-2016-10735 | In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. | Bootstrap | 6.1 |