vulnerability

Red Hat OpenShift: CVE-2019-10215: bootstrap3-typeahead.js: Cross-site scripting via highlighter() function

Name: Red Hat OpenShift: CVE-2019-10215: bootstrap3-typeahead.js: Cross-site scripting via highlighter() function
Creator: Red Hat
Published: 2019-10-08T00:00:00.000Z
Keywords: CVE, CWE-79, Red Hat OpenShift, 2019, 10215, bootstrap3, linuxrpm-upgrade-golang-github-prometheus, Severity 4

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Oct 8, 2019

Added

Nov 14, 2019

Modified

Mar 30, 2026

Description

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.

Solution

linuxrpm-upgrade-golang-github-prometheus

References

CVE-2019-10215
https://attackerkb.com/topics/CVE-2019-10215
CWE-79
EUVD-EUVD-2019-2230
REDHAT-RHSA-2019:3771
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-2230

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report