Bootstrap – CVE-2018-20677

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Because of this vulnerability, Cross-site scripting (XSS) is possible in the affix configuration target property. Also known as CVE-2018-20677.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To prevent CVE-2018-20677, update the version of the Bootstrap being used.
Make sure its version is 3.4.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Kayran’s mission is to make

Read More »

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

Read More »