Vulnerabilities > Getbootstrap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-04 | CVE-2019-10842 | Code Injection vulnerability in Getbootstrap Bootstrap-Sass 3.2.0.3 Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. | 10.0 |
| 2019-02-20 | CVE-2019-8331 | Cross-site Scripting vulnerability in multiple products In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. | 6.1 |
| 2019-01-09 | CVE-2018-20677 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | 6.1 |
| 2019-01-09 | CVE-2018-20676 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | 6.1 |
| 2019-01-09 | CVE-2016-10735 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. | 4.3 |
| 2018-07-13 | CVE-2018-14042 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | 6.1 |
| 2018-07-13 | CVE-2018-14041 | Cross-site Scripting vulnerability in Getbootstrap Bootstrap 4.0.0/4.1.0/4.1.1 In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. | 6.1 |
| 2018-07-13 | CVE-2018-14040 | Cross-site Scripting vulnerability in multiple products In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | 6.1 |