1 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser. Bootstrap-3-Typeahead posterior a la versión 4.0.2, es vulnerable a un fallo de tipo cross-site scripting en la función highlighter(). Un atacante podría explotar esto mediante la interacción del usuario para ejecutar código en el navegador del usuario. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html https://access.redhat.com/errata/RHSA-2019:3771 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215 https://access.redhat.com/security/cve/CVE-2019-10215 https://bugzilla.redhat.com/show_bug.cgi?id=1735506 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •