Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2018-20676
PUBLISHED: 2019-01-09

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-20677
PUBLISHED: 2019-01-09

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2016-10735
PUBLISHED: 2019-01-09

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

CVE-2018-20674
PUBLISHED: 2019-01-09

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution.

CVE-2018-20675
PUBLISHED: 2019-01-09

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Top
%d bloggers like this: