Vulnerabilities > Getbootstrap

DATE CVE VULNERABILITY TITLE RISK
2019-04-04 CVE-2019-10842 Code Injection vulnerability in Getbootstrap Bootstrap-Sass 3.2.0.3
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org.
network
low complexity
getbootstrap CWE-94
critical
10.0
2019-02-20 CVE-2019-8331 Cross-site Scripting vulnerability in multiple products
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
network
low complexity
getbootstrap f5 redhat tenable CWE-79
6.1
2019-01-09 CVE-2018-20677 Cross-site Scripting vulnerability in Getbootstrap Bootstrap
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
network
low complexity
getbootstrap CWE-79
6.1
2019-01-09 CVE-2018-20676 Cross-site Scripting vulnerability in Getbootstrap Bootstrap
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
network
low complexity
getbootstrap CWE-79
6.1
2019-01-09 CVE-2016-10735 Cross-site Scripting vulnerability in Getbootstrap Bootstrap
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
4.3
2018-07-13 CVE-2018-14042 Cross-site Scripting vulnerability in Getbootstrap Bootstrap
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
network
low complexity
getbootstrap CWE-79
6.1
2018-07-13 CVE-2018-14041 Cross-site Scripting vulnerability in Getbootstrap Bootstrap 4.0.0/4.1.0/4.1.1
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
network
low complexity
getbootstrap CWE-79
6.1
2018-07-13 CVE-2018-14040 Cross-site Scripting vulnerability in multiple products
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
network
low complexity
debian getbootstrap CWE-79
6.1