affix - XSS on target config #27045

don-spyker · 2018-08-10T09:07:08Z

found in bootstrap 3.3.7

$('.js-affixed-element-top').affix({ offset: { top: $('.js-page-header').outerHeight(true) - 10 , bottom: $('.js-footer').outerHeight(true) + 10 }, target: '<img src=x onerror=alert(0)>' })

https://jsbin.com/palokaxina/edit?html,output

Win 7 x64
Chrome 67.0.3396.99
Firefox 61.0.1 (64-Bit)

The text was updated successfully, but these errors were encountered:

Fixes twbs#27045

* fix(collapse): xss CVE-2018-14040 Fixes #26625 * fix(tooltip): xss CVE-2018-14042 Fixes #26628 * fix(tooltip): XSS on data-viewport attribute Fixes #27044 * fix(affix): XSS on target config Fixes #27045

don-spyker mentioned this issue Aug 10, 2018

Fix/xss issues on data attributes #27047

Merged

don-spyker added a commit to don-spyker/bootstrap that referenced this issue Aug 10, 2018

fix(affix): XSS on target config

ae29b6a

Fixes twbs#27045

Johann-S added js v3 labels Aug 12, 2018

Johann-S closed this as completed Aug 13, 2018

holatuwol added a commit to holatuwol/clay that referenced this issue Mar 26, 2021

Apply fix for CVE-2018-20677 from twbs/bootstrap#27045

b13a6cc

AASMACMX mentioned this issue Feb 26, 2023

CVE-2018-20677 @ Npm-bootstrap-3.1.1 CxDemoInABoxRepos/Java-Webgoat#253

Open

AASMACMX mentioned this issue Apr 26, 2023

CVE-2018-20677 @ Npm-bootstrap-3.1.1 CxDemoInABoxRepos/Java-Webgoat#521

Open

AASMACMX mentioned this issue Jul 10, 2023

CVE-2018-20677 @ Npm-bootstrap-3.1.1 CxDemoInABoxRepos/Java-Webgoat#819

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

affix - XSS on target config #27045

affix - XSS on target config #27045

don-spyker commented Aug 10, 2018

affix - XSS on target config #27045

affix - XSS on target config #27045

Comments

don-spyker commented Aug 10, 2018