Описание
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Ссылки
- Release NotesThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 3.4.0 (исключая)
Одно из
cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.06152
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 6 лет назад
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVSS3: 6.1
redhat
почти 9 лет назад
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVSS3: 6.1
debian
больше 6 лет назад
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is ...
rocky
больше 4 лет назад
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
EPSS
Процентиль: 90%
0.06152
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79