Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Getbootstrap Subscribe
Filtered by product Bootstrap
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-6484 1 Getbootstrap 1 Bootstrap 2025-02-07 N/A 6.4 MEDIUM
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.
CVE-2019-8331 4 F5, Getbootstrap, Redhat and 1 more 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677 1 Getbootstrap 1 Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676 1 Getbootstrap 1 Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042 1 Getbootstrap 1 Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14041 1 Getbootstrap 1 Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVE-2018-14040 2 Debian, Getbootstrap 2 Debian Linux, Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735 1 Getbootstrap 1 Bootstrap 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.