[MAVEN:GHSA-3MGP-FX93-9XV5] XSS vulnerability that affects bootstrap
Severity
Moderate
Affected Packages
7
Fixed Packages
7
CVEs
1
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Package | Affected Version |
---|---|
pkg:maven/twbs/bootstrap | < 3.4.0 |
pkg:maven/org.webjars/bootstrap | < 3.4.0 |
pkg:maven/bootstrap-sass | < 3.4.0 |
pkg:maven/bootstrap-sass | < 3.4.0 |
pkg:maven/bootstrap | < 3.4.0 |
pkg:maven/bootstrap | < 3.4.0 |
pkg:maven/bootstrap | < 3.4.0 |
Package | Fixed Version |
---|---|
pkg:maven/twbs/bootstrap | = 3.4.0 |
pkg:maven/org.webjars/bootstrap | = 3.4.0 |
pkg:maven/bootstrap-sass | = 3.4.0 |
pkg:maven/bootstrap-sass | = 3.4.0 |
pkg:maven/bootstrap | = 3.4.0 |
pkg:maven/bootstrap | = 3.4.0 |
pkg:maven/bootstrap | = 3.4.0 |
- ID
- MAVEN:GHSA-3MGP-FX93-9XV5
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-3mgp-fx93-9xv5
- Published
-
2019-01-17T13:57:34
(5 years ago) - Modified
-
2024-08-01T21:03:26
(6 weeks ago) - Rights
- Maven Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:maven/twbs/bootstrap | twbs | bootstrap | < 3.4.0 | |||
Fixed | pkg:maven/twbs/bootstrap | twbs | bootstrap | = 3.4.0 | |||
Affected | pkg:maven/org.webjars/bootstrap | org.webjars | bootstrap | < 3.4.0 | |||
Fixed | pkg:maven/org.webjars/bootstrap | org.webjars | bootstrap | = 3.4.0 | |||
Affected | pkg:maven/bootstrap-sass | bootstrap-sass | < 3.4.0 | ||||
Fixed | pkg:maven/bootstrap-sass | bootstrap-sass | = 3.4.0 | ||||
Affected | pkg:maven/bootstrap-sass | bootstrap-sass | < 3.4.0 | ||||
Fixed | pkg:maven/bootstrap-sass | bootstrap-sass | = 3.4.0 | ||||
Affected | pkg:maven/bootstrap | bootstrap | < 3.4.0 | ||||
Fixed | pkg:maven/bootstrap | bootstrap | = 3.4.0 | ||||
Affected | pkg:maven/bootstrap | bootstrap | < 3.4.0 | ||||
Fixed | pkg:maven/bootstrap | bootstrap | = 3.4.0 | ||||
Affected | pkg:maven/bootstrap | bootstrap | < 3.4.0 | ||||
Fixed | pkg:maven/bootstrap | bootstrap | = 3.4.0 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |