National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:getbootstrap:bootstrap:4.0.0:beta
There are 4 matching records.
Vuln ID Summary CVSS Severity
CVE-2016-10735

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

Published: January 09, 2019; 12:29:00 AM -05:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2018-14042

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

Published: July 13, 2018; 10:29:00 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2018-14041

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

Published: July 13, 2018; 10:29:00 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

Published: July 13, 2018; 10:29:00 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM