CVE-2018-20677

CVE-2018-20677

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

Published Jan 14, 2019

CVSS ScoreMedium

6.1

CVE-2018-20677

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

Published Jan 14, 2019

CVSS ScoreMedium

6.1

CVE ID: CVE-2018-20677
CWE: CWE-79
CVE Description: In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Published: Jan 14, 2019
CVSS Score & Severity: 6.1Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score: 9.805%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #26625PROJECT
GitHub · Issue #26628PROJECT
GitHub · Issue #27044PROJECT
GitHub · Issue #27045PROJECT
GitHub · PR #27047PROJECT

CVE ID: CVE-2018-20677
CWE: CWE-79
CVE Description: In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Published: Jan 14, 2019
CVSS Score & Severity: 6.1Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score: 9.805%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #26625PROJECT
GitHub · Issue #26628PROJECT
GitHub · Issue #27044PROJECT
GitHub · Issue #27045PROJECT
GitHub · PR #27047PROJECT

Find vulnerabilities. Fix fast with AI.