{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-01-08T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-22T17:06:28.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/twbs/bootstrap/pull/26460"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/twbs/bootstrap/issues/20184"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/twbs/bootstrap/pull/23687"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/twbs/bootstrap/pull/23679"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"}, {"name": "RHSA-2019:1456", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1456"}, {"name": "RHBA-2019:1076", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2019:1076"}, {"name": "RHBA-2019:1570", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2019:1570"}, {"name": "RHSA-2019:3023", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3023"}, {"name": "RHSA-2020:0132", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0132"}, {"name": "RHSA-2020:0133", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0133"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2021-14"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10735", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906", "refsource": "MISC", "url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"}, {"name": "https://github.com/twbs/bootstrap/pull/26460", "refsource": "MISC", "url": "https://github.com/twbs/bootstrap/pull/26460"}, {"name": "https://github.com/twbs/bootstrap/issues/20184", "refsource": "MISC", "url": "https://github.com/twbs/bootstrap/issues/20184"}, {"name": "https://github.com/twbs/bootstrap/pull/23687", "refsource": "MISC", "url": "https://github.com/twbs/bootstrap/pull/23687"}, {"name": "https://github.com/twbs/bootstrap/pull/23679", "refsource": "MISC", "url": "https://github.com/twbs/bootstrap/pull/23679"}, {"name": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/", "refsource": "MISC", "url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"}, {"name": "RHSA-2019:1456", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1456"}, {"name": "RHBA-2019:1076", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:1076"}, {"name": "RHBA-2019:1570", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:1570"}, {"name": "RHSA-2019:3023", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3023"}, {"name": "RHSA-2020:0132", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0132"}, {"name": "RHSA-2020:0133", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0133"}, {"name": "https://www.tenable.com/security/tns-2021-14", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-14"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:30:20.165Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/twbs/bootstrap/pull/26460"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/twbs/bootstrap/issues/20184"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/twbs/bootstrap/pull/23687"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/twbs/bootstrap/pull/23679"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"}, {"name": "RHSA-2019:1456", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1456"}, {"name": "RHBA-2019:1076", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2019:1076"}, {"name": "RHBA-2019:1570", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2019:1570"}, {"name": "RHSA-2019:3023", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3023"}, {"name": "RHSA-2020:0132", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0132"}, {"name": "RHSA-2020:0133", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0133"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2021-14"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10735", "datePublished": "2019-01-09T05:00:00.000Z", "dateReserved": "2019-01-08T00:00:00.000Z", "dateUpdated": "2024-08-06T03:30:20.165Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*", "matchCriteriaId": "8497B424-E8CC-4FEF-844B-FE33F2C18E6E", "versionEndExcluding": "3.4.0", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*", "matchCriteriaId": "C5E15817-0A5D-4C30-9A3C-F85F275E78DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."}, {"lang": "es", "value": "En las versiones de Bootstrap anteriores a la 3.4.0 y en las 4.x-beta anteriores a la 4.0.0-beta.2, Cross-Site Scripting (XSS) es posible en el atributo \"data-target\". Se trata de una vulnerabilidad diferente de CVE-2018-14041."}], "id": "CVE-2016-10735", "lastModified": "2024-11-21T02:44:37.590", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-09T05:29:00.883", "references": [{"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHBA-2019:1076"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHBA-2019:1570"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:1456"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:3023"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2020:0132"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2020:0133"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/issues/20184"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/23679"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/23687"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/26460"}, {"source": "cve@mitre.org", "url": "https://www.tenable.com/security/tns-2021-14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHBA-2019:1076"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHBA-2019:1570"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:1456"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:3023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2020:0132"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2020:0133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/issues/20184"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/23679"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/23687"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/twbs/bootstrap/pull/26460"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.tenable.com/security/tns-2021-14"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ansible-runner-0:1.3.4-2.el8ar", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ansible-tower-0:3.5.2-1.el8at", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "cfme-0:5.11.0.28-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "cfme-appliance-0:5.11.0.28-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "cfme-gemset-0:5.11.0.28-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-image-template-0:1.1.11-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-infra-0:1.1.12-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-repositories-0:1.1.5-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-roles-0:1.1.7-2.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "prince-0:12.4-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-bambou-0:3.0.1-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-colorama-0:0.4.1-1.el8ost", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-daemon-0:2.1.2-9.el8ar", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-funcsigs-0:1.0.2-3.el8ost", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-future-0:0.16.0-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-lockfile-1:0.11.0-8.el8ar", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-mock-0:2.0.0-11.el8ost", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-pbr-0:5.1.2-2.el8ost", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-pexpect-0:4.6-2.el8ar", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-psutil-0:5.4.3-5.el8ar", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-pylxca-0:2.1.1-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-requests-toolbelt-0:0.8.0-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-tabulate-0:0.8.2-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "python-vspk-0:5.3.2-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "qpid-proton-0:0.28.0-1.el8", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "repmgr10-0:4.0.6-3.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-bcrypt-0:3.1.13-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-byebug-0:11.0.1-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-escape_utils-0:1.2.1-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-ffi-0:1.9.25-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-hamlit-0:2.8.10-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-http_parser.rb-0:0.6.0-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-linux_block_device-0:0.2.1-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-memory_buffer-0:0.1.0-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-nio4r-0:2.4.0-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-nokogiri-0:1.8.5-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-puma-0:3.7.1-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-qpid_proton-0:0.26.0-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-rugged-0:0.28.2-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-sassc-0:2.0.1-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-sqlite3-0:1.3.13-2.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-surro-gate-0:1.0.5-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-unf_ext-0:0.0.7.6-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "rubygem-websocket-driver-0:0.6.5-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "smem-0:1.4-1.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "v2v-conversion-host-0:1.14.2-1.el8ev", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHBA-2019:4199", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8", "package": "wmi-0:1.3.14-8.el8cf", "product_name": "CloudForms Management Engine 5.11", "release_date": "2019-12-12T00:00:00Z"}, {"advisory": "RHSA-2020:0133", "cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.6", "package": "bootstrap", "product_name": "Red Hat Decision Manager 7", "release_date": "2020-01-16T00:00:00Z"}, {"advisory": "RHSA-2020:3936", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ipa-0:4.6.8-5.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2020:4670", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "idm:client-8030020200923172426.05ac3f11", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4670", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "idm:DL1-8030020200923172343.9c827e52", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4847", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "pki-core:10.6-8030020200911215836.5ff1562f", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4847", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "pki-deps:10.6-8030020200527165326.30b713e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2023:0556", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "impact": "low", "package": "bootstrap", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0553", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0554", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0552", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2020:5571", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2020-12-16T00:00:00Z"}, {"advisory": "RHSA-2020:5571", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS", "release_date": "2020-12-16T00:00:00Z"}, {"advisory": "RHSA-2020:0132", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.6", "package": "bootstrap", "product_name": "Red Hat Process Automation 7", "release_date": "2020-01-16T00:00:00Z"}, {"advisory": "RHSA-2019:1456", "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3", "package": "bootstrap", "product_name": "Red Hat Single Sign-On 7.3.2 zip", "release_date": "2019-06-11T00:00:00Z"}, {"advisory": "RHBA-2019:1076", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHBA-2019:1570", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2019-06-20T00:00:00Z"}, {"advisory": "RHSA-2019:3023", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2019-10-10T00:00:00Z"}], "bugzilla": {"description": "bootstrap: XSS in the data-target attribute", "id": "1668097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-79", "details": ["In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."], "name": "CVE-2016-10735", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "pki-core", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Affected", "package_name": "bootstrap", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Affected", "package_name": "python-XStatic-Bootstrap-SCSS", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:14", "fix_state": "Affected", "package_name": "python-XStatic-Bootstrap-SCSS", "product_name": "Red Hat OpenStack Platform 14 (Rocky)"}, {"cpe": "cpe:/a:redhat:openstack:15", "fix_state": "Affected", "package_name": "python-XStatic-Bootstrap-SCSS", "product_name": "Red Hat OpenStack Platform 15 (Stein)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Affected", "package_name": "python-XStatic-Bootstrap-SCSS", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Affected", "package_name": "python-XStatic-Bootstrap-SCSS", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Not affected", "package_name": "quay", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Not affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:network_satellite:5", "fix_state": "Will not fix", "package_name": "bootstrap", "product_name": "Red Hat Satellite 5"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Out of support scope", "package_name": "ovirt-engine-dashboard", "product_name": "Red Hat Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Out of support scope", "package_name": "ovirt-js-dependencies", "product_name": "Red Hat Virtualization 4"}], "public_date": "2016-06-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-10735\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-10735"], "statement": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "threat_severity": "Moderate"}

{}