Getbootstrap Getbootstrap

  1. Vendors
  2. Getbootstrap

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Getbootstrap product.

Products by Getbootstrap Sorted by Most Security Vulnerabilities since 2018

Getbootstrap Bootstrap10 vulnerabilities

Getbootstrap Bootstrap Sass1 vulnerability

By the Year

In 2025 there have been 0 vulnerabilities in Getbootstrap. Last year, in 2024 Getbootstrap had 2 security vulnerabilities published. Right now, Getbootstrap is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 2 6.10
2023 0 0.00
2022 1 6.10
2021 0 0.00
2020 0 0.00
2019 5 6.84
2018 3 6.10

It may take a day or so for new Getbootstrap vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Getbootstrap Security Vulnerabilities

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks

CVE-2024-6531 6.1 - Medium - July 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

XSS

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks

CVE-2024-6484 6.1 - Medium - July 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

XSS

Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability

CVE-2022-26624 6.1 - Medium - April 08, 2022

Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.

XSS

Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org

CVE-2019-10842 9.8 - Critical - April 04, 2019

Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.

Code Injection

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1

CVE-2019-8331 6.1 - Medium - February 20, 2019

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

XSS

In Bootstrap before 3.4.0

CVE-2018-20676 6.1 - Medium - January 09, 2019

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

XSS

In Bootstrap before 3.4.0

CVE-2018-20677 6.1 - Medium - January 09, 2019

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

XSS

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2

CVE-2016-10735 6.1 - Medium - January 09, 2019

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

XSS

In Bootstrap before 4.1.2

CVE-2018-14040 6.1 - Medium - July 13, 2018

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

XSS

In Bootstrap before 4.1.2

CVE-2018-14041 6.1 - Medium - July 13, 2018

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

XSS

In Bootstrap before 4.1.2

CVE-2018-14042 6.1 - Medium - July 13, 2018

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

XSS

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.