VulnerableCode Package Details - pkg:nuget/bootstrap@5.0.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-qnq4-m5wm-qbhm	Withdrawn Advisory: Bootstrap Cross-Site Scripting (XSS) vulnerability ## Withdrawn Advisory This advisory is withdrawn because it was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded. ## Original Descripton A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.	CVE-2024-6531 GHSA-vc8w-jr9v-vj7f

Vulnerability

Summary

Aliases

VCID-qnq4-m5wm-qbhm

Withdrawn Advisory: Bootstrap Cross-Site Scripting (XSS) vulnerability ## Withdrawn Advisory This advisory is withdrawn because it was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded. ## Original Descripton A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

CVE-2024-6531
GHSA-vc8w-jr9v-vj7f

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:04:14.211045+00:00	GitLab Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap/CVE-2024-6531.yml	38.4.0
2026-04-12T00:22:07.797773+00:00	GitLab Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap/CVE-2024-6531.yml	38.3.0
2026-04-03T00:29:42.806522+00:00	GitLab Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap/CVE-2024-6531.yml	38.1.0
2026-04-02T12:39:43.960601+00:00	GitLab Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/bootstrap/CVE-2024-6531.yml	38.0.0
2026-04-01T16:06:01.663964+00:00	GHSA Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://github.com/advisories/GHSA-vc8w-jr9v-vj7f	38.0.0
2026-04-01T12:51:30.842515+00:00	GithubOSV Importer	Fixing	VCID-qnq4-m5wm-qbhm	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/07/GHSA-vc8w-jr9v-vj7f/GHSA-vc8w-jr9v-vj7f.json	38.0.0