dean2021/onlinetools

WS-2018-0021 Medium Severity Vulnerability detected by WhiteSource

Opened this issue · 0 comments

mend-bolt-for-github commented

WS-2018-0021 - Medium Severity Vulnerability

Vulnerable Library - bootstrap-3.3.7-3.3.7.js

Google-styled theme for Bootstrap.

path: /onlinetools/cmsscan/static/js/bootstrap.js

Library home page: https://cdnjs.cloudflare.com/ajax/libs/todc-bootstrap/3.3.7-3.3.7/js/bootstrap.js

Dependency Hierarchy:

  • bootstrap-3.3.7-3.3.7.js (Vulnerable Library)

Vulnerability Details

XSS in data-target in bootstrap (3.3.7 and before)

Publish Date: 2017-06-27

URL: WS-2018-0021

CVSS 2 Score Details (6.5)

Base Score Metrics not available

Suggested Fix

Type: Change files

Origin: twbs/bootstrap@d9be1da

Release Date: 2017-08-25

Fix Resolution: Replace or update the following files: alert.js, carousel.js, collapse.js, dropdown.js, modal.js

Step up your Open Source Security Game with WhiteSource here