CVE-2024-6531Cross-site Scripting in Bootstrap

CWE-79Cross-site Scripting4 documents4 sources
Severity
6.4MEDIUMOSV
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Twbs Bootstrap
Timeline
PublishedJun 5

Description

Title: Bootstrap vulnerabilities Summary: Several security issues were fixed in Bootstrap. It was discovered that Bootstrap did not correctly sanitize certain input in the carousel component. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2024-6484, CVE-2024-6531) It was discovered that Bootstrap did not correctly sanitize certain input in the button plugin. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack

Affected Packages1 packages

Packagisttwbs/bootstrap4.0.05.0.0

🔴Vulnerability Details

2
OSV
twitter-bootstrap3, twitter-bootstrap4 vulnerabilities2025-06-05
GHSA
Withdrawn Advisory: Bootstrap Cross-Site Scripting (XSS) vulnerability2024-07-11

📋Vendor Advisories

1
Ubuntu
Bootstrap vulnerabilities2025-06-05

💬Community

1
Bugzilla
CVE-2023-6531 kernel: GC's deletion of an SKB races with unix_stream_read_generic() leading to UAF2023-12-05
CVE-2024-6531 — Cross-site Scripting in Twbs Bootstrap | cvebase