Giters

Kreshnik / ninjecture

A simple module based architecture, for your Laravel projects :alien:.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

WS-2018-0021 Medium Severity Vulnerability detected by WhiteSource

mend-bolt-for-github opened this issue · comments

commented

WS-2018-0021 - Medium Severity Vulnerability

Vulnerable Library - bootstrap-sass-3.3.7.tgz

bootstrap-sass is a Sass-powered version of Bootstrap 3, ready to drop right into your Sass powered applications.

path: /ninjecture/node_modules/bootstrap-sass/package.json

Library home page: https://registry.npmjs.org/bootstrap-sass/-/bootstrap-sass-3.3.7.tgz

Dependency Hierarchy:

  • bootstrap-sass-3.3.7.tgz (Vulnerable Library)

Vulnerability Details

XSS in data-target in bootstrap (3.3.7 and before)

Publish Date: 2017-06-27

URL: WS-2018-0021

CVSS 2 Score Details (6.5)

Base Score Metrics not available

Suggested Fix

Type: Change files

Origin: twbs/bootstrap@d9be1da

Release Date: 2017-08-25

Fix Resolution: Replace or update the following files: alert.js, carousel.js, collapse.js, dropdown.js, modal.js

Step up your Open Source Security Game with WhiteSource here