Back to search
CVE-2019-8331
Published: Feb 20, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
107375
vdb-entry
x_refsource_BID
20190509 dotCMS v5.1.1 Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability
mailing-list
x_refsource_FULLDISC
20190510 dotCMS v5.1.1 Vulnerabilities
mailing-list
x_refsource_FULLDISC
20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability
mailing-list
x_refsource_FULLDISC
RHSA-2019:1456
vendor-advisory
x_refsource_REDHAT
[flink-user] 20190811 Apache flink 1.7.2 security issues
mailing-list
x_refsource_MLIST
[flink-dev] 20190811 Apache flink 1.7.2 security issues
mailing-list
x_refsource_MLIST
[flink-user] 20190813 Apache flink 1.7.2 security issues
mailing-list
x_refsource_MLIST
[flink-user] 20190813 Re: Apache flink 1.7.2 security issues
mailing-list
x_refsource_MLIST
[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1
mailing-list
x_refsource_MLIST
RHSA-2019:3023
vendor-advisory
x_refsource_REDHAT
RHSA-2019:3024
vendor-advisory
x_refsource_REDHAT
[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities
mailing-list
x_refsource_MLIST
[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list
mailing-list
x_refsource_MLIST
https://www.oracle.com/security-alerts/cpuApr2021.html
x_refsource_MISC
https://github.com/twbs/bootstrap/pull/28236
x_refsource_MISC
https://github.com/twbs/bootstrap/releases/tag/v4.3.1
x_refsource_MISC
https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/
x_refsource_CONFIRM
https://github.com/twbs/bootstrap/releases/tag/v3.4.1
x_refsource_MISC
https://support.f5.com/csp/article/K24383845
x_refsource_CONFIRM
https://www.tenable.com/security/tns-2021-14
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now