This page lists publicly disclosed CVE vulnerabilities affecting getbootstrap bootstrap (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-8331 | In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. | [email protected] | 6.1 | 16.86% | 2019-02-20 | 2024-11-21 |
| CVE-2018-20677 | In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | [email protected] | 6.1 | 4.08% | 2019-01-09 | 2024-11-21 |
| CVE-2018-20676 | In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | [email protected] | 6.1 | 3.93% | 2019-01-09 | 2024-11-21 |
| CVE-2016-10735 | In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. | [email protected] | 6.1 | 4.16% | 2019-01-09 | 2024-11-21 |
| CVE-2018-14042 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | [email protected] | 6.1 | 3.99% | 2018-07-13 | 2024-11-21 |
| CVE-2018-14041 | In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. | [email protected] | 6.1 | 4.29% | 2018-07-13 | 2024-11-21 |
| CVE-2018-14040 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | [email protected] | 6.1 | 4.13% | 2018-07-13 | 2024-11-21 |