CVE-2019-8331
published 2019-02-20CVE-2019-8331: In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Affected
74 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bootstrap-sass | bootstrap-sass | >= 3.0.0 < 3.4.1 | 3.4.1 |
| bootstrap-sass | bootstrap-sass | >= 3.0.0 < 3.4.1 | 3.4.1 |
| debian | twitter-bootstrap3 | < twitter-bootstrap3 3.4.1+dfsg-1 (bookworm) | twitter-bootstrap3 3.4.1+dfsg-1 (bookworm) |
| debian | twitter-bootstrap4 | < twitter-bootstrap3 3.4.1+dfsg-1 (bookworm) | twitter-bootstrap3 3.4.1+dfsg-1 (bookworm) |
| f5 | big-ip_access_policy_manager | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
| f5 | big-ip_access_policy_manager | >= 13.0.0 < 13.1.3.4 | 13.1.3.4 |
| f5 | big-ip_access_policy_manager | >= 14.0.0 < 14.1.2.5 | 14.1.2.5 |
| f5 | big-ip_access_policy_manager | >= 15.0.0 < 15.1.0 | 15.1.0 |
| f5 | big-ip_advanced_firewall_manager | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
| f5 | big-ip_advanced_firewall_manager | >= 13.0.0 < 13.1.3.4 | 13.1.3.4 |
| f5 | big-ip_advanced_firewall_manager | >= 14.0.0 < 14.1.2.5 | 14.1.2.5 |
| f5 | big-ip_advanced_firewall_manager | >= 15.0.0 < 15.1.0 | 15.1.0 |
| f5 | big-ip_analytics | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
| f5 | big-ip_analytics | >= 13.0.0 < 13.1.3.4 | 13.1.3.4 |
| f5 | big-ip_analytics | >= 14.0.0 < 14.1.2.5 | 14.1.2.5 |
| f5 | big-ip_analytics | >= 15.0.0 < 15.1.0 | 15.1.0 |
| f5 | big-ip_application_acceleration_manager | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
| f5 | big-ip_application_acceleration_manager | >= 13.0.0 < 13.1.3.4 | 13.1.3.4 |
| f5 | big-ip_application_acceleration_manager | >= 14.0.0 < 14.1.2.5 | 14.1.2.5 |
| f5 | big-ip_application_acceleration_manager | >= 15.0.0 < 15.1.0 | 15.1.0 |
| f5 | big-ip_application_security_manager | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
| f5 | big-ip_application_security_manager | >= 13.0.0 < 13.1.3.4 | 13.1.3.4 |
| f5 | big-ip_application_security_manager | >= 14.0.0 < 14.1.2.5 | 14.1.2.5 |
| f5 | big-ip_application_security_manager | >= 15.0.0 < 15.1.0 | 15.1.0 |
| f5 | big-ip_domain_name_system | >= 12.1.0 < 12.1.5.1 | 12.1.5.1 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM