VYPR
Moderate severityOSV Advisory· Published Jan 9, 2019· Updated Aug 6, 2024

CVE-2016-10735

CVE-2016-10735

Description

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
bootstrapnpm
>= 2.0.4, < 3.4.03.4.0
bootstrapnpm
>= 4.0.0-beta, < 4.0.0-beta.24.0.0-beta.2
org.webjars:bootstrapMaven
>= 2.0.4, < 3.4.03.4.0
org.webjars:bootstrapMaven
>= 4.0.0-beta, < 4.0.0-beta.24.0.0-beta.2
bootstrapRubyGems
< 4.0.0-beta.24.0.0-beta.2
twbs/bootstrapPackagist
>= 2.0.4, < 3.4.03.4.0
twbs/bootstrapPackagist
>= 4.0.0-beta, < 4.0.0-beta.24.0.0-beta.2
bootstrapNuGet
>= 2.0.4, < 3.4.03.4.0
bootstrapNuGet
>= 4.0.0-beta, < 4.0.0-beta.24.0.0-beta.2
bootstrap-sassnpm
>= 2.0.4, < 3.4.03.4.0
bootstrap-sassRubyGems
>= 2.0.4, < 3.4.03.4.0
bootstrap.sassNuGet
>= 4.0.0-beta, < 4.0.0-beta.24.0.0-beta.2

Affected products

50

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.