bootstrap-sass 3.0.3.0
XSS vulnerability in bootstrap-sass
medium severity CVE-2019-8331>= 3.4.1
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
bootstrap Cross-site Scripting vulnerability
medium severity CVE-2018-20677>= 3.4.0
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
XSS vulnerability that affects bootstrap
medium severity CVE-2018-20676>= 3.4.0
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Bootstrap Cross-site Scripting vulnerability
medium severity CVE-2018-14042~> 3.4.0, >= 4.1.2
< 2.3.0
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041.
Bootstrap vulnerable to Cross-Site Scripting (XSS)
medium severity CVE-2018-14040~> 3.4.0, >= 4.1.2
< 2.3.0
In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute.
XSS vulnerability via data-target in bootstrap-sass
medium severity CVE-2016-10735>= 3.4.0
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.