CVE-2019-10215 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-10215 PUBLISHED CVSS 6.099999904632568 MEDIUM

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.

EPSS 0.43% · 62.3th percentile

Risk Scores

CVSS v3.0

6.099999904632568

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.43%

62.3th percentile

Affected Products

Vendor	Product	Versions
bootstrap-3-typeahead_project	bootstrap-3-typeahead	4.0.2
Red Hat	bootstrap3-typeahead.js	after version bootstrap3-typeahead 4.0.2

Timeline

Oct 8, 2019 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215 url
RHSA-2019:3771 vendor-advisory
openSUSE-SU-2020:1105 vendor-advisory

Open in Interactive Console →