VulnerableCode Package Details - pkg:nuget/bootstrap.sass@4.0.0-beta

Search for packages

Vulnerability	Summary	Fixed by
VCID-eh2s-9hss-yken Aliases: CVE-2016-10735 GHSA-4p24-vmcr-4gqj	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.	4.0.0-beta.2 Affected by 0 other vulnerabilities. 4.0.0-beta2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-p87t-vvdx-b7dv Aliases: CVE-2019-8331 GHSA-9v3m-8fp8-mj99 GHSA-fxwm-579q-49qq GHSA-wh77-3x4m-4q9g	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the tooltip or popover data-template attribute.	4.3.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-eh2s-9hss-yken
Aliases:
CVE-2016-10735
GHSA-4p24-vmcr-4gqj

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

4.0.0-beta.2
Affected by 0 other vulnerabilities.

4.0.0-beta2
Affected by 1 other vulnerability.

VCID-p87t-vvdx-b7dv
Aliases:
CVE-2019-8331
GHSA-9v3m-8fp8-mj99
GHSA-fxwm-579q-49qq
GHSA-wh77-3x4m-4q9g

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the tooltip or popover data-template attribute.

4.3.1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:52:34.422593+00:00	GitLab Importer	Affected by	VCID-p87t-vvdx-b7dv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2019-8331.yml	38.4.0
2026-04-16T20:51:18.372982+00:00	GitLab Importer	Affected by	VCID-eh2s-9hss-yken	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2016-10735.yml	38.4.0
2026-04-11T22:03:23.988945+00:00	GitLab Importer	Affected by	VCID-p87t-vvdx-b7dv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2019-8331.yml	38.3.0
2026-04-11T22:02:01.054889+00:00	GitLab Importer	Affected by	VCID-eh2s-9hss-yken	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2016-10735.yml	38.3.0
2026-04-02T22:16:25.162699+00:00	GitLab Importer	Affected by	VCID-p87t-vvdx-b7dv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2019-8331.yml	38.1.0
2026-04-02T22:15:01.440674+00:00	GitLab Importer	Affected by	VCID-eh2s-9hss-yken	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2016-10735.yml	38.1.0
2026-04-01T16:34:00.520999+00:00	GitLab Importer	Affected by	VCID-p87t-vvdx-b7dv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2019-8331.yml	38.0.0
2026-04-01T15:57:14.596678+00:00	GHSA Importer	Affected by	VCID-eh2s-9hss-yken	https://github.com/advisories/GHSA-4p24-vmcr-4gqj	38.0.0
2026-04-01T12:48:15.286443+00:00	GitLab Importer	Affected by	VCID-eh2s-9hss-yken	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap.sass/CVE-2016-10735.yml	38.0.0