Search for packages
| purl | pkg:maven/org.webjars/bootstrap@5.0.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-qceg-ajt8-jfct | Bootstrap Cross-Site Scripting (XSS) vulnerability A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser. |
CVE-2024-6531
GHSA-vc8w-jr9v-vj7f |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T19:09:20.198003+00:00 | GitLab Importer | Fixing | VCID-qceg-ajt8-jfct | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars/bootstrap/CVE-2024-6531.yml | 37.0.0 |
| 2025-07-03T13:57:01.897253+00:00 | GitLab Importer | Fixing | VCID-qceg-ajt8-jfct | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars/bootstrap/CVE-2024-6531.yml | 36.1.3 |
| 2025-07-01T14:35:18.671546+00:00 | GHSA Importer | Fixing | VCID-qceg-ajt8-jfct | https://github.com/advisories/GHSA-vc8w-jr9v-vj7f | 36.1.3 |
| 2025-07-01T12:10:56.601011+00:00 | GithubOSV Importer | Fixing | VCID-qceg-ajt8-jfct | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/07/GHSA-vc8w-jr9v-vj7f/GHSA-vc8w-jr9v-vj7f.json | 36.1.3 |