Getbootstrap
Products by Getbootstrap Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2024 there have been 0 vulnerabilities in Getbootstrap . Getbootstrap did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 6.10 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 5 | 6.84 |
2018 | 3 | 6.10 |
It may take a day or so for new Getbootstrap vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Getbootstrap Security Vulnerabilities
Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability
CVE-2022-26624
6.1 - Medium
- April 08, 2022
Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.
XSS
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org
CVE-2019-10842
9.8 - Critical
- April 04, 2019
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.
Code Injection
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1
CVE-2019-8331
6.1 - Medium
- February 20, 2019
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
XSS
In Bootstrap before 3.4.0
CVE-2018-20676
6.1 - Medium
- January 09, 2019
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
XSS
In Bootstrap before 3.4.0
CVE-2018-20677
6.1 - Medium
- January 09, 2019
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
XSS
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2
CVE-2016-10735
6.1 - Medium
- January 09, 2019
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
XSS
In Bootstrap before 4.1.2
CVE-2018-14040
6.1 - Medium
- July 13, 2018
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
XSS
In Bootstrap before 4.1.2
CVE-2018-14041
6.1 - Medium
- July 13, 2018
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
XSS