CVE-2018-20676

Published: Jan 9, 2019
Updated: Nov 8, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-20676" target="_blank" rel="noopener"> CVE-2018-20676
GHSA: <a href="https://github.com/advisories/GHSA-3mgp-fx93-9xv5" target="_blank" rel="noopener"> GHSA-3mgp-fx93-9xv5
Severity: Medium
Exploit:

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
getbootstrap / bootstrap	-	3.4.0
@lerna / bootstrap	-	3.4.0

Vulnerability Database