Bootstrap – CVE-2019-8331

Home » Blog » Bootstrap – CVE-2019-8331

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the tooltip or popover data-template attribute.
This will allow the attacker to add and modify the data. Also known as CVE-2019-8331.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix Bootstrap – CVE-2019-8331, update the version of the Bootstrap being used.
Make sure its version is 4.3.1 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

Injection Attacks – You better inject yourself before you get-hacked yourself

Besides the most creative title you’ve ever seen, there are many things we do not like that we can talk about, in this case, we

Networking? – Social Engineering

In our time, we know that socializing has a very high importance and that every person (almost) has a basic need to maintain certain “connection”

Your SQL got the I(njection)

We’ve talked about it before right? or am i the only one having a Deja-Vu? Or an SQL Injection? No on likes doctors, or needles,

To serve or not to serve – DoS vs. DDoS

If you’ve heard of the beautiful term called DoS before, great! that’s not it. To the “veterans” among us this term usually attributed to DOS

The Risks in Web Applications and other scary things…

There are couple of things regarding Risks in Web-Based Applications that you should know, let’s talk about them. When crossing the street, we look at

WEB APPLICATION VULNERABILITY SCANNER