WS-2018-0021 (Medium) detected in bootstrap-3.0.0.js #20
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2018-0021 - Medium Severity Vulnerability
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.0/js/bootstrap.js
Path to vulnerable library: /snapcast-volume-ui/public/javascripts/bootstrap.js,/snapcast-volume-ui/vendors/Blocks/Theme/assets/js/bootstrap.js
Dependency Hierarchy:
Found in HEAD commit: 5eb4076607aab7e69b08a96b902029bd1091c056
XSS in data-target in bootstrap (3.3.7 and before)
Publish Date: 2017-06-27
URL: WS-2018-0021
Base Score Metrics not available
Type: Change files
Origin: twbs/bootstrap@d9be1da
Release Date: 2017-08-25
Fix Resolution: Replace or update the following files: alert.js, carousel.js, collapse.js, dropdown.js, modal.js
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: