CVE-2019-20921

bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim’s browser.

View Full Alert

Related Posts

  • CVE-2019-19935

    Froala Editor before 3.0.6 allows XSS. View Full Alert

  • CVE-2019-19455

    Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. View Full Alert

  • CVE-2019-7177

    Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin. View Full Alert