CVE-2019-10215

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
08/10/2019
Last modified:
12/02/2023

Description

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:bootstrap-3-typeahead_project:bootstrap-3-typeahead:*:*:*:*:*:*:*:* 4.0.2 (excluding)