Bootstrap – CVE-2018-20677

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Because of this vulnerability, Cross-site scripting (XSS) is possible in the affix configuration target property. Also known as CVE-2018-20677.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To prevent CVE-2018-20677, update the version of the Bootstrap being used.
Make sure its version is 3.4.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »