Bootstrap – CVE-2016-10735

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).
This vulnerability works differently than CVE-2018-14041.

Cross-site scripting (XSS) is possible to use in the data-target attribute.
Also known as CVE-2016-10735.

This vulnerability allows attackers to modify system files and information.

Recommendation

To deal with CVE-2016-10735, update to either of the following versions:
To 3.4.0, 4.x-beta versions are also vulnerable up until 4.0.0-beta.2 and higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »