CVE-2018-20677

Published: Jan 9, 2019
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-20677" target="_blank" rel="noopener"> CVE-2018-20677
GHSA: <a href="https://github.com/advisories/GHSA-ph58-4vrj-w6hr" target="_blank" rel="noopener"> GHSA-ph58-4vrj-w6hr
Severity: Low
Exploit:

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
getbootstrap / bootstrap	-	3.4.0
@lerna / bootstrap	-	3.4.0

Vulnerability Database