org.webjars.bowergithub.thdoan:bootstrap-select 1.6.4 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.webjars.bowergithub.thdoan:bootstrap-select package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS) org.webjars.bowergithub.thdoan:bootstrap-select is an open source toolkit for developing with HTML, CSS, and JS. Quickly prototype your ideas or build your entire app with our Sass variables and mixins, responsive grid system, extensive prebuilt components, and powerful plugins built on jQuery. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via `title` and `data-content`. How to fix Cross-site Scripting (XSS)? There is no fixed version for `org.webjars.bowergithub.thdoan:bootstrap-select`.	[0,)
M Cross-site Scripting (XSS) org.webjars.bowergithub.thdoan:bootstrap-select is an open source toolkit for developing with HTML, CSS, and JS. Quickly prototype your ideas or build your entire app with our Sass variables and mixins, responsive grid system, extensive prebuilt components, and powerful plugins built on jQuery. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The package does not escape `title` values on `<option>` tags. This may allow attackers to execute arbitrary JavaScript in a victim's browser. How to fix Cross-site Scripting (XSS)? There is no fixed version for `org.webjars.bowergithub.thdoan:bootstrap-select`.	[0,)
H Cross-site Scripting (XSS) org.webjars.bowergithub.thdoan:bootstrap-select is an open source toolkit for developing with HTML, CSS, and JS. Quickly prototype your ideas or build your entire app with our Sass variables and mixins, responsive grid system, extensive prebuilt components, and powerful plugins built on jQuery. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the use of the `data-subtext` attribute, in cases where that content originates from a user-controlled input. How to fix Cross-site Scripting (XSS)? There is no fixed version for `org.webjars.bowergithub.thdoan:bootstrap-select`.	[0,)

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)

org.webjars.bowergithub.thdoan:bootstrap-select is an open source toolkit for developing with HTML, CSS, and JS. Quickly prototype your ideas or build your entire app with our Sass variables and mixins, responsive grid system, extensive prebuilt components, and powerful plugins built on jQuery.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via title and data-content.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for org.webjars.bowergithub.thdoan:bootstrap-select.

[0,)

Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The package does not escape title values on <option> tags. This may allow attackers to execute arbitrary JavaScript in a victim's browser.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for org.webjars.bowergithub.thdoan:bootstrap-select.

[0,)

Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the use of the data-subtext attribute, in cases where that content originates from a user-controlled input.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for org.webjars.bowergithub.thdoan:bootstrap-select.

[0,)

org.webjars.bowergithub.thdoan:bootstrap-select@1.6.4 vulnerabilities

latest version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities

How to fix?