Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-popover.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-popover.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-alert.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-alert.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-modal.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-modal.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-tooltip.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-tooltip.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/examples/carousel.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-scrollspy.js,/tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-scrollspy.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-transition.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-transition.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-carousel.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-carousel.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-button.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-button.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/examples/carousel.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-collapse.js,/tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-collapse.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-tab.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-tab.js
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2016-10735 - Medium Severity Vulnerability
Vulnerable Libraries - bootstrap-3.3.4.min.js, bootstrap-popover-2.3.1.js, bootstrap-alert-2.3.1.js, bootstrap-modal-2.3.1.js, bootstrap-tooltip-2.3.1.js, bootstrap-scrollspy-2.3.1.js, bootstrap-transition-2.3.1.js, bootstrap-carousel-2.3.1.js, bootstrap-button-2.3.1.js, bootstrap-affix-2.3.1.js, bootstrap-collapse-2.3.1.js, bootstrap-tab-2.3.1.js
bootstrap-3.3.4.min.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js
Path to dependency file: /tvaultui/bower_components/ng-table/docs/template/index.template.html
Path to vulnerable library: /tvaultui/bower_components/ng-table/docs/template/index.template.html
Dependency Hierarchy: - :x: **bootstrap-3.3.4.min.js** (Vulnerable Library)
bootstrap-popover-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-popover.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-popover.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-popover.js
Dependency Hierarchy: - :x: **bootstrap-popover-2.3.1.js** (Vulnerable Library)
bootstrap-alert-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-alert.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-alert.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-alert.js
Dependency Hierarchy: - :x: **bootstrap-alert-2.3.1.js** (Vulnerable Library)
bootstrap-modal-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-modal.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-modal.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-modal.js
Dependency Hierarchy: - :x: **bootstrap-modal-2.3.1.js** (Vulnerable Library)
bootstrap-tooltip-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-tooltip.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-tooltip.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-tooltip.js
Dependency Hierarchy: - :x: **bootstrap-tooltip-2.3.1.js** (Vulnerable Library)
bootstrap-scrollspy-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-scrollspy.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/examples/carousel.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-scrollspy.js,/tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-scrollspy.js
Dependency Hierarchy: - :x: **bootstrap-scrollspy-2.3.1.js** (Vulnerable Library)
bootstrap-transition-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-transition.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-transition.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-transition.js
Dependency Hierarchy: - :x: **bootstrap-transition-2.3.1.js** (Vulnerable Library)
bootstrap-carousel-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-carousel.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-carousel.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-carousel.js
Dependency Hierarchy: - :x: **bootstrap-carousel-2.3.1.js** (Vulnerable Library)
bootstrap-button-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-button.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-button.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-button.js
Dependency Hierarchy: - :x: **bootstrap-button-2.3.1.js** (Vulnerable Library)
bootstrap-affix-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-affix.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-affix.js
Dependency Hierarchy: - :x: **bootstrap-affix-2.3.1.js** (Vulnerable Library)
bootstrap-collapse-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-collapse.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/examples/carousel.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-collapse.js,/tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-collapse.js
Dependency Hierarchy: - :x: **bootstrap-collapse-2.3.1.js** (Vulnerable Library)
bootstrap-tab-2.3.1.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/js/bootstrap-tab.js
Path to dependency file: /tvaultui/bower_components/bootstrap/docs/customize.html
Path to vulnerable library: /tvaultui/bower_components/bootstrap/docs/assets/js/bootstrap-tab.js,/tvaultui/bower_components/bootstrap/docs/examples/../assets/js/bootstrap-tab.js
Dependency Hierarchy: - :x: **bootstrap-tab-2.3.1.js** (Vulnerable Library)
Found in base branch: dev
Vulnerability Details
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Publish Date: 2019-01-09
URL: CVE-2016-10735
CVSS 3 Score Details (6.1)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735
Release Date: 2019-01-09
Fix Resolution: bootstrap - 3.4.0, 4.0.0-beta.2