CVE-2016-10735
CVE-2016-10735
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHBA-2019:1076https://access.redhat.com/errata/RHBA-2019:1570https://access.redhat.com/errata/RHSA-2019:1456https://access.redhat.com/errata/RHSA-2019:3023https://access.redhat.com/errata/RHSA-2020:0132https://access.redhat.com/errata/RHSA-2020:0133https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/https://github.com/twbs/bootstrap/issues/20184https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906https://github.com/twbs/bootstrap/pull/23679https://github.com/twbs/bootstrap/pull/23687https://github.com/twbs/bootstrap/pull/26460