Bootstrap – BootStrap Library – Cross-site Scripting (XSS)

Description

Cytrix has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS) attacks.
It seems that the Bootstrap library does not sanitize the incoming parameters properly.

Cross-site Scripting (XSS) is a security vulnerability in web applications that is caused by not validating input from the user.
This can allow attackers to inject malicious JavaScript code, execute code through HTML tags, and more.

Attackers often perform XSS attacks by sending malicious links to users and enticing them to click.

Recommendation

The first recommendation is to sanitize user input properly to prevent XSS.

Update! It’s important to keep your software up to date, because newer versions fix bugs from previous versions.
Update your Bootstrap library to the latest version.
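
To confirm which Bootstrap version a site actually ships before and after updating, the following added example (not Cytrix's or Bootstrap's own code) reads the version from the license banner at the top of a bundled Bootstrap file and compares it with a minimum you supply. The banner shape, the function names and the thresholds in `SAMPLE_POLICY` are assumptions; the thresholds are constructed placeholders, so take real minimums from Bootstrap's release notes.

```javascript
// Added example: audit a bundled Bootstrap file by its banner comment.
// Assumed banner shape: "/*! ... Bootstrap v3.3.7 (http://getbootstrap.com) ..."

// Return [major, minor, patch] from the leading banner, or null when the
// banner was stripped (common when minifiers drop comments).
function bootstrapVersionFromBanner(source) {
  const head = source.slice(0, 512); // the banner sits at the top of the file
  const m = /Bootstrap\s+v(\d+)\.(\d+)\.(\d+)/.exec(head);
  return m ? m.slice(1, 4).map(Number) : null;
}

function parseVersion(text) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(text);
  if (!m) throw new Error("expected major.minor.patch, got: " + text);
  return m.slice(1, 4).map(Number);
}

// Negative, zero or positive, like a sort comparator. Fields are compared
// as numbers, so 4.10.0 is newer than 4.9.9.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] - b[i];
  }
  return 0;
}

// minimumByMajor maps a major release line to the lowest acceptable version.
function auditBootstrap(source, minimumByMajor) {
  const found = bootstrapVersionFromBanner(source);
  if (!found) return { status: "unknown", version: null };
  const version = found.join(".");
  const minimum = minimumByMajor[found[0]];
  if (!minimum) return { status: "unsupported-line", version };
  const ok = compareVersions(found, parseVersion(minimum)) >= 0;
  return { status: ok ? "ok" : "outdated", version };
}

// Constructed sample inputs (not real site content).
const SAMPLE_OLD =
  "/*!\n * Bootstrap v3.3.7 (http://getbootstrap.com)\n */\n+function(){}();";
const SAMPLE_STRIPPED = "+function(){}();";
// Constructed placeholder thresholds, not real fixed-in versions.
const SAMPLE_POLICY = { 3: "3.9.9", 4: "4.9.9" };

console.log(auditBootstrap(SAMPLE_OLD, SAMPLE_POLICY));
console.log(auditBootstrap(SAMPLE_STRIPPED, SAMPLE_POLICY));
```

An `unknown` result means the banner is missing, so the version has to be established another way, for example from the package lock file.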

References

https://cwe.mitre.org/data/definitions/79.html
