twbs/bootstrap

twbs/bootstrap

getbootstrap.com

Releases94

Frequency1 month 3 weeks

Last Release 10 months ago

Stars174K

The most popular HTML, CSS, and JavaScript framework for developing responsive, mobile first projects on the web.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-8331 ↗	Feb 20, 2019Wednesday, 20 February 2019, 16:29	6.1 MEDIUM	4.3 MEDIUM
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20676 ↗	Jan 9, 2019Wednesday, 9 January 2019, 05:29	—	4.3 MEDIUM
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-20677 ↗	Jan 9, 2019Wednesday, 9 January 2019, 05:29	—	4.3 MEDIUM
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2016-10735 ↗	Jan 9, 2019Wednesday, 9 January 2019, 05:29	—	4.3 MEDIUM
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2018-14040 ↗	Jul 13, 2018Friday, 13 July 2018, 14:29	—	4.3 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2018-14041 ↗	Jul 13, 2018Friday, 13 July 2018, 14:29	—	4.3 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVE-2018-14042 ↗	Jul 13, 2018Friday, 13 July 2018, 14:29	—	4.3 MEDIUM
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.