Bootstrap vulnerable to Cross-Site Scripting (XSS)
Moderate severity
GitHub Reviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Jan 23, 2024
Description
Published by the National Vulnerability Database
Jul 13, 2018
Published to the GitHub Advisory Database
May 13, 2022
Reviewed
Sep 15, 2022
Last updated
Jan 23, 2024
In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute.
References