Closed mend-for-github-com[bot] closed 2 years ago
:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.
WS-2018-0021 - Medium Severity Vulnerability
Vulnerable Library - bootstrap-3.3.7.min.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Path to vulnerable library: /fs-agent/src/test/resources/resolver/php/vendor/phpunit/php-code-coverage/src/Report/Html/Renderer/Template/js/bootstrap.min.js,/fs-agent/target/test-classes/resolver/php/vendor/phpunit/php-code-coverage/src/Report/Html/Renderer/Template/js/bootstrap.min.js
Dependency Hierarchy: - :x: **bootstrap-3.3.7.min.js** (Vulnerable Library)
Vulnerability Details
XSS in data-target in bootstrap (3.3.7 and before)
Publish Date: 2017-06-27
URL: WS-2018-0021
CVSS 2 Score Details (6.5)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://github.com/twbs/bootstrap/issues/20184
Release Date: 2019-06-12
Fix Resolution: 3.4.0