[DepShield] (CVSS 6.1) Vulnerability due to usage of bootstrap:3.4.1

Question

[DepShield] (CVSS 6.1) Vulnerability due to usage of bootstrap:3.4.1

sonatype-depshield opened this issue 5 years ago · comments

sonatype-depshield commented 5 years ago

Vulnerabilities

DepShield reports that this application's usage of bootstrap:3.4.1 results in the following vulnerability(s):

(CVSS 6.1) CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

issue-label-bot · Answer 1 · Fri Nov 22 2019 09:06:29 GMT+0800 (China Standard Time)

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.89. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.