Bootstrap – CVE-2018-20677

Home » Blog » Bootstrap – CVE-2018-20677

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Because of this vulnerability, Cross-site scripting (XSS) is possible in the affix configuration target property. Also known as CVE-2018-20677.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To prevent CVE-2018-20677, update the version of the Bootstrap being used.
Make sure its version is 3.4.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

PT- Pentest – Penetration Testing

There’s no way you’ve had a working internet connection in the last year and you haven’t seen or heard the terms PT, Pentest or Penetration

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Kayran’s mission is to make

Cybersecurity – The thinnest security guards you will ever know

I can sit here all day long talking about vulnerabilities, attackers and other scary ways that puts our money and personal data at risk and

Horror Movie Villains – Common Malwares

In the field of Information Security (or, Cyber Security), there are many things we need to deal with. Just like the Horror Movie Villains we

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

WEB APPLICATION VULNERABILITY SCANNER