VDB
GHSA-9r7h-6639-v5mw
GHSA-9r7h-6639-v5mw
PUBLISHED
CVSS 8.600000381469727 HIGH
Cross-Site Scripting in bootstrap-select
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | bootstrap-select | 0, 0, 0 |
| NuGet | bootstrap-select | 1.7.2, 1.7.5, 1.8.1 |
| NuGet | bootstrap-select | 0, 0, 0 |
Timeline
- Sep 3, 2020 CVE Published
- Oct 4, 2021 CVE Updated
- Mar 2, 2026 Security Advisory
References
- https://github.com/snapappointments/bootstrap-select product
- https://www.npmjs.com/advisories/1522 url
- GitHub Advisory GHSA-9r7h-6639-v5mw vendor-advisory
- https://github.com/dimpu/ngx-md/issues/129 discussion
- https://github.com/snapappointments/bootstrap-select/issues/2199 url
- https://github.com/snapappointments/bootstrap-select/commit/ab6e068748040cf3cda5859f6349b382402b8767 url
- https://issues.jtl-software.de/issues/SHOP-7964 url
- GitHub Advisory GHSA-7c82-mp33-r854 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-20921 vendor-advisory
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAPSELECT-570457 url