Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-23472
This affects versions prior to 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
Bootstrap-table Bootstrap Table
5.4
CVSSv3
CVE-2022-1726
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table before 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties.
Bootstrap-table Bootstrap Table
5.4
CVSSv3
CVE-2022-4777
The Bootstrap Shortcodes WordPress plugin up to and including 3.4.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
Bootstrap Shortcodes Project Bootstrap Shortcodes
6.1
CVSSv3
CVE-2018-14041
In Bootstrap prior to 4.1.2, XSS is possible in the data-target property of scrollspy.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
4 Github repositories
6.1
CVSSv3
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
Bootstrap-3-typeahead Project Bootstrap-3-typeahead
5.4
CVSSv3
CVE-2022-4834
The CPT Bootstrap Carousel WordPress plugin up to and including 1.12 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks whi...
Cpt Bootstrap Carousel Project Cpt Bootstrap Carousel
6.1
CVSSv3
CVE-2020-25087
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2020-25090
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2020-25092
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »