vulnerability
Oracle Linux: CVE-2018-20676: ELSA-2020-4670: idm:DL1 and idm:client security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | 2018-08-10 | 2020-10-07 | 2025-01-08 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
2018-08-10
Added
2020-10-07
Modified
2025-01-08
Description
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting Web site, which can lead to stealing the victim's cookie-based authentication credentials.
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting Web site, which can lead to stealing the victim's cookie-based authentication credentials.
Solution(s)
oracle-linux-upgrade-bind-dyndb-ldaporacle-linux-upgrade-custodiaoracle-linux-upgrade-ipa-clientoracle-linux-upgrade-ipa-client-commonoracle-linux-upgrade-ipa-client-epnoracle-linux-upgrade-ipa-client-sambaoracle-linux-upgrade-ipa-commonoracle-linux-upgrade-ipa-healthcheckoracle-linux-upgrade-ipa-healthcheck-coreoracle-linux-upgrade-ipa-python-compatoracle-linux-upgrade-ipa-selinuxoracle-linux-upgrade-ipa-serveroracle-linux-upgrade-ipa-server-commonoracle-linux-upgrade-ipa-server-dnsoracle-linux-upgrade-ipa-server-trust-adoracle-linux-upgrade-opendnssecoracle-linux-upgrade-python2-ipaclientoracle-linux-upgrade-python2-ipaliboracle-linux-upgrade-python2-ipaserveroracle-linux-upgrade-python3-custodiaoracle-linux-upgrade-python3-ipaclientoracle-linux-upgrade-python3-ipaliboracle-linux-upgrade-python3-ipaserveroracle-linux-upgrade-python3-jwcryptooracle-linux-upgrade-python3-kdcproxyoracle-linux-upgrade-python3-pyusboracle-linux-upgrade-python3-qrcodeoracle-linux-upgrade-python3-qrcode-coreoracle-linux-upgrade-python3-yubicooracle-linux-upgrade-slapi-nisoracle-linux-upgrade-softhsmoracle-linux-upgrade-softhsm-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.