CVE 2019-8331
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- BID: 107375
- BUGTRAQ: 20190509 dotCMS v5.1.1...
- CONFIRM: https://blog.getbootst...
- CONFIRM: https://support.f5.com...
- FULLDISC: 20190510 Re: dotCMS v5...
- FULLDISC: 20190510 dotCMS v5.1.1...
- FULLDISC: 20190510 dotCMS v5.1.1...
- MISC: https://github.com/twb...
- MISC: https://github.com/twb...
- MISC: https://github.com/twb...
- REDHAT: RHSA-2019:1456
- MLIST: [flink-dev] 20190811 A...
- MLIST: [flink-user] 20190811 ...
- MLIST: [flink-user] 20190813 ...
- MLIST: [flink-user] 20190813 ...
- MLIST: [superset-dev] 2019092...
- REDHAT: RHSA-2019:3023
- REDHAT: RHSA-2019:3024
- MLIST: [drill-dev] 20191017 D...
- MLIST: [drill-dev] 20191021 [...
- MLIST: [drill-issues] 2019102...
- CONFIRM: https://support.f5.com...
- MISC: http://packetstormsecu...
- MLIST: [hbase-issues] 2020111...
- MLIST: [pulsar-commits] 20201...
- MISC: https://www.oracle.com...
- CONFIRM: https://www.tenable.co...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)