Search for packages
| purl | pkg:nuget/Bootstrap.Less@3.4.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3ygq-cbu4-23ad | Bootstrap Vulnerable to Cross-Site Scripting Versions of `bootstrap` prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The `data-template` attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript. ## Recommendation For `bootstrap` 4.x upgrade to 4.3.1 or later. For `bootstrap` 3.x upgrade to 3.4.1 or later. |
CVE-2019-8331
GHSA-9v3m-8fp8-mj99 GHSA-fxwm-579q-49qq GHSA-wh77-3x4m-4q9g |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T17:32:46.619364+00:00 | GitLab Importer | Fixing | VCID-3ygq-cbu4-23ad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Bootstrap.Less/CVE-2019-8331.yml | 37.0.0 |
| 2025-07-01T18:11:29.781906+00:00 | GitLab Importer | Fixing | VCID-3ygq-cbu4-23ad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Bootstrap.Less/CVE-2019-8331.yml | 36.1.3 |
| 2025-07-01T14:29:40.353457+00:00 | GHSA Importer | Fixing | VCID-3ygq-cbu4-23ad | https://github.com/advisories/GHSA-9v3m-8fp8-mj99 | 36.1.3 |
| 2025-07-01T12:21:58.005048+00:00 | GithubOSV Importer | Fixing | VCID-3ygq-cbu4-23ad | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/02/GHSA-9v3m-8fp8-mj99/GHSA-9v3m-8fp8-mj99.json | 36.1.3 |