Ubuntu
python-xstatic-bootstrap-scss package

  1. Bug #1940450
  2. Comment #0

Comment 0 for bug 1940450

Revision history for this message
Heather Lemon (hypothetical-lemon) wrote :

The data-template attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript.

github source: https://github.com/twbs/bootstrap/pull/28236
github upstream MR: https://github.com/twbs/bootstrap/pull/28236/commits/5efa9b531d25927b907e3fa24b818608bc38a2f0
ubuntu-cve https://ubuntu.com/security/CVE-2019-8331

openstack-dashboard,from xenial UCA, python-django-horizon version 13.0.2-0ubuntu3~cloud0
`pull-uca-source python-django-horizon 3:13.0.2-0ubuntu3~cloud0`