Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XSS in Bootstrap button component
Vulnerability Description
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribute, which would then be executed when the button's loading state is triggered.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Bootstrap 安全漏洞
Vulnerability Description
Bootstrap是一款使用HTML、CSS和JavaScript开发的开源Web前端框架。 Bootstrap 3.4.5版本存在安全漏洞,该漏洞源于容易受到跨站点脚本(XSS)攻击,从而会导致注入恶意脚本和敏感数据泄露。
CVSS Information
N/A
Vulnerability Type
N/A