A flaw was found in Bootstrap. Affected versions of this package are vulnerable to Cross-Site Scripting (XSS) attacks via the data-target attribute. References: https://github.com/twbs/bootstrap/issues/20184 Patches: * V4 https://github.com/twbs/bootstrap/pull/23679 https://github.com/twbs/bootstrap/commit/9612830701211d757ff95ceccbb494fd2e7ee17e * V3 https://github.com/twbs/bootstrap/pull/23687 https://github.com/twbs/bootstrap/pull/23687/commits/d9be1da55bf0f94a81e8a2c9acf5574fb801306e
Created python-XStatic-Bootstrap-SCSS tracking bugs for this issue: Affects: epel-7 [bug 1537293] Affects: fedora-all [bug 1537292] Created rubygem-bootstrap-sass tracking bugs for this issue: Affects: fedora-all [bug 1537294]
Statement: This issue affects the versions of bootstrap-sass as shipped with CloudForms version 5. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. This issue affects the versions of bootstrap as shipped with Red Hat Satellite version 5. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. This issue affects the versions of ruby193-rubygem-bootstrap-sass as shipped with Red Hat Satellite version 6. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. This issue affects the versions of bootstrap-scss as shipped with Red Hat OpenStack versions 6 - 12. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.