← back
CVE-2018-20677

CVE-2018-20677

EPSS 4.0%
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHBA-2019:1076https://access.redhat.com/errata/RHBA-2019:1570https://access.redhat.com/errata/RHSA-2019:1456https://access.redhat.com/errata/RHSA-2019:3023https://access.redhat.com/errata/RHSA-2020:0132https://access.redhat.com/errata/RHSA-2020:0133https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/https://github.com/twbs/bootstrap/issues/27045https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628https://github.com/twbs/bootstrap/pull/27047https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E