Lucene search
AnonymousNODEJS:1691HistoryMay 07, 2021 - 4:49 p.m.
Cross-site scripting in bootstrap-select
2021-05-0716:49:09
Anonymous
www.npmjs.com
122
0.001 Low
EPSS
Percentile
49.9%
Overview
bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim’s browser.
Recommendation
Upgrade to version 1.13.6 or later
References
| CPE | Name | Operator | Version |
|---|---|---|---|
| bootstrap-select | lt | 1.13.6 |
Related
osv
osv
Cross-Site Scripting in bootstrap-select
2020-09-03 15:54:00
Cross-site scripting in bootstrap-select
2021-05-07 16:47:54
CVE-2019-20921
2020-09-30 18:15:18
veracode
veracode
Cross-site Scripting (XSS)
2017-08-18 10:09:01
nvd
nvd
CVE-2019-20921
2020-09-30 18:15:18
prion
prion
Cross site scripting
2020-09-30 18:15:00
cvelist
cvelist
CVE-2019-20921
2020-09-30 12:30:36
github
github
Cross-site scripting in bootstrap-select
2021-05-07 16:47:54
nessus
nessus
cve
cve
CVE-2019-20921
2020-09-30 18:15:18
redhatcve
redhatcve
CVE-2019-20921
2020-09-30 16:17:52
