Vulnerabilities > CVE-2019-10215 - Unspecified vulnerability in Bootstrap-3-Typeahead Project Bootstrap-3-Typeahead

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

bootstrap-3-typeahead-project

NVD

Published: 2019-10-08

Updated: 2024-11-21

Summary

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.

Vulnerable Configurations

Part	Description	Count
Application	Bootstrap-3-Typeahead_Project Bootstrap 3 Typeahead Project Bootstrap 3 Typeahead *	1

Redhat

advisories

rhsa

id	RHSA-2019:3771

References

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
https://access.redhat.com/errata/RHSA-2019:3771
https://access.redhat.com/errata/RHSA-2019:3771
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215