Filtered by vendor Getbootstrap Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-8331 4 F5, Getbootstrap, Redhat and 1 more 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more 2023-11-07 6.1 Medium
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677 1 Getbootstrap 1 Bootstrap 2023-11-07 N/A
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676 1 Getbootstrap 1 Bootstrap 2023-11-07 N/A
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042 1 Getbootstrap 1 Bootstrap 2023-11-07 N/A
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14041 1 Getbootstrap 1 Bootstrap 2023-11-07 N/A
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVE-2018-14040 2 Debian, Getbootstrap 2 Debian Linux, Bootstrap 2023-11-07 N/A
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735 1 Getbootstrap 1 Bootstrap 2021-07-22 N/A
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2019-10842 1 Getbootstrap 1 Bootstrap-sass 2019-04-11 N/A
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.