Closed mend-bolt-for-github[bot] closed 3 years ago
:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.
WS-2018-0021 - Medium Severity Vulnerability
Vulnerable Library - bootstrap-3.3.6-3.3.6.js
Google-styled theme for Bootstrap.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/todc-bootstrap/3.3.6-3.3.6/js/bootstrap.js
Path to vulnerable library: /BlockDockServer/grails-app/assets/javascripts/bootstrap.js
Dependency Hierarchy: - :x: **bootstrap-3.3.6-3.3.6.js** (Vulnerable Library)
Vulnerability Details
XSS in data-target in bootstrap (3.3.7 and before)
Publish Date: 2017-06-27
URL: WS-2018-0021
CVSS 2 Score Details (6.5)
Base Score Metrics not available
Suggested Fix
Type: Change files
Origin: https://github.com/twbs/bootstrap/commit/d9be1da55bf0f94a81e8a2c9acf5574fb801306e
Release Date: 2017-08-25
Fix Resolution: Replace or update the following files: alert.js, carousel.js, collapse.js, dropdown.js, modal.js
Step up your Open Source Security Game with WhiteSource here