
CVE-2018-20677

Published: 09/01/2019 | Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

In Bootstrap prior to 3.4.0, XSS is possible in the affix configuration target property.

Vulnerable Product

getbootstrap bootstrap

Vendor Advisories

Synopsis: Moderate: python-XStatic-Bootstrap-SCSS security update. Type/Severity: Security Advisory: Moderate. Topic: An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Com ...
Synopsis: Moderate: Red Hat Decision Manager 760 Security Update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis: Moderate: Red Hat Process Automation Manager 760 Security Update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...
Synopsis: Moderate: ovirt-engine-ui-extensions security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 43. Red Hat Product Security has rated this update as having a security impact of Moderate. A ...
Synopsis: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of M ...
Synopsis: Moderate: ipa security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CV ...
Synopsis: Moderate: Red Hat Single Sign-On 732 security update. Type/Severity: Security Advisory: Moderate. Topic: A security update is now available for Red Hat Single Sign-On 73 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerab ...
Synopsis: Moderate: Red Hat Ceph Storage 61 security, enhancement, and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Ceph Storage 61 in the Red Hat Ecosystem Catalog ...
jQuery before 300 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed (CVE-2015-9251). In Bootstrap 3x before 340 and 4x-beta before 400-beta2, XSS is possible in the data-target attribute, a different vulnerability t ...
Tenablesc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of the ...

Github Repositories

This project provides an HTTP tunnel connection. It contains a server that can receive HTTP connections and deliver them to the desired target, but with the IP of the current host (Whitelist host).

HTTP Tunnel. This project provides an HTTP tunnel connection. The project contains a server that can receive HTTP connections and deliver them to the desired target, but with the IP of the current host (Whitelist host). Purpose: Some API services work with an IP whitelist, and during the development process it is necessary to connect to this API. The idea of this project is provide the wa