CVE-2016-10735

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-10735

Severity

6.1

Medium

CVSS V3

Description

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

References

https://images.chainguard.dev/security/CGA-2r8p-562f-8pvm
https://github.com/advisories/GHSA-4p24-vmcr-4gqj
https://images.chainguard.dev/security/CGA-jf97-757v-c8c5
https://images.chainguard.dev/security/CGA-6h25-xgj8-8hjx
https://images.chainguard.dev/security/CGA-p633-c53m-6m8c
https://images.chainguard.dev/security/CGA-7p7c-8258-fr3q
https://images.chainguard.dev/security/CGA-gf3v-8r72-w784
https://images.chainguard.dev/security/CGA-rw48-3p7v-8p34
https://images.chainguard.dev/security/CGA-vwv2-9g95-gpjr
https://images.chainguard.dev/security/CGA-fx66-hxqp-j7jx
https://images.chainguard.dev/security/CGA-v832-4hhm-5q9x
https://images.chainguard.dev/security/CGA-96mv-fwg7-3r8x
https://images.chainguard.dev/security/CGA-7975-4mjh-xvxx
https://images.chainguard.dev/security/CGA-86vm-8587-vcpj
https://images.chainguard.dev/security/CGA-cx7h-59rq-5gc8
https://images.chainguard.dev/security/CGA-wmh9-6g9p-w8qc
https://www.tenable.com/security/tns-2021-14
https://access.redhat.com/errata/RHBA-2019:1076
https://access.redhat.com/errata/RHBA-2019:1570
https://access.redhat.com/errata/RHSA-2019:1456
https://access.redhat.com/errata/RHSA-2019:3023
https://access.redhat.com/errata/RHSA-2020:0132
https://access.redhat.com/errata/RHSA-2020:0133
https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
https://github.com/twbs/bootstrap/issues/20184
https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906
https://github.com/twbs/bootstrap/pull/23679
https://github.com/twbs/bootstrap/pull/23687
https://github.com/twbs/bootstrap/pull/26460

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2016-10735

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company