CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2021-23398 – Cross-site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-23398
24 Jun 2021 — All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output. Todas las versiones del paquete react-bootstrap-table son vulnerables a ataques de tipo Cross-site Scripting (XSS) por medio del parámetro dataFormat. El problema es desencadenado cuando se devuelve un elemento React no válido, conllevando ... • https://github.com/AllenFang/react-bootstrap-table/blob/26d07defab759e4f9bce22d1d568690830b8d9d7/src/TableBody.js%23L114-L118 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25086
https://notcve.org/view.php?id=CVE-2020-25086
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/admin/views/advanced_settings/adminUsers.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25087
https://notcve.org/view.php?id=CVE-2020-25087
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/admin/views/advanced_settings/languages.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25088
https://notcve.org/view.php?id=CVE-2020-25088
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/admin/views/blog/blogpublish.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25089
https://notcve.org/view.php?id=CVE-2020-25089
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/admin/views/ecommerce/discounts.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25090
https://notcve.org/view.php?id=CVE-2020-25090
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/admin/views/ecommerce/publish.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25091
https://notcve.org/view.php?id=CVE-2020-25091
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo application/modules/vendor/views/add_product.php • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25092
https://notcve.org/view.php?id=CVE-2020-25092
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo _parts/header.php, dentro de application/views/templates/clothesshop, application/views/templates/greenlabel, y application/views/templates/redlabel • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25093
https://notcve.org/view.php?id=CVE-2020-25093
03 Sep 2020 — Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel. Ecommerce-CodeIgniter-Bootstrap antes del 03-08-2020, permite un ataque de tipo XSS en el archivo blog.php. dentro application/views/templates/clothesshop, application/views/templates/onepage, y application/views/templates/redlabel • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/7c3c32d6526268b1c78d6d5741361e79292e9c22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10215 – bootstrap3-typeahead.js: Cross-site scripting via highlighter() function
https://notcve.org/view.php?id=CVE-2019-10215
08 Oct 2019 — Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser. Bootstrap-3-Typeahead posterior a la versión 4.0.2, es vulnerable a un fallo de tipo cross-site scripting en la función highlighter(). Un atacante podría explotar esto mediante la interacción del usuario para ejecutar código en el navegador del usuario. Red Hat OpenShift Container Platform is Red Hat's... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •