Bootstrap – CVE-2018-20676

Home » Blog » Bootstrap – CVE-2018-20676

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible through the tooltip data-viewport attribute. Also known as CVE-2018-20676.
This will allow the attacker to add and modify the data.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To prevent CVE-2018-20676, update the version of the Bootstrap being used.
Make sure its version is 3.4.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20676

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Hackers hat shop – The many types of hackers

In our world there are many types of people, people that we trust, those who cannot be trusted, liars, suspicious types, amateur and “Noobs” as

Cybersecurity – The thinnest security guards you will ever know

I can sit here all day long talking about vulnerabilities, attackers and other scary ways that puts our money and personal data at risk and

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

A leaking faucet – Data Leaks\Breaches

Imagine you’re running a 400 million dollar company, you got the company’s car, insurance and maybe even dental care! Now imagine that all the information

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

WEB APPLICATION VULNERABILITY SCANNER