Bootstrap – CVE-2019-8331

Home » Blog » Bootstrap – CVE-2019-8331

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the tooltip or popover data-template attribute.
This will allow the attacker to add and modify the data. Also known as CVE-2019-8331.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix Bootstrap – CVE-2019-8331, update the version of the Bootstrap being used.
Make sure its version is 4.3.1 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Using your Work Against you – Reverse Engineering

There are many types of cyber attacks in our world, but what makes Reverse Engineering unique? Why is it considered to “Using your Work Against

Assets – Not just for Realtors

Throughout our lives we have learned that almost everything has a value. Whether it’s your car, phone and even a piece of paper lying down

The Risks in Web Applications and other scary things…

There are couple of things regarding Risks in Web-Based Applications that you should know, let’s talk about them. When crossing the street, we look at

WEB APPLICATION VULNERABILITY SCANNER