You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for reporting this, @pbr0ck3r. Is this an issue that is actually affecting us or is this a theoretical issue because we use an affected dependency but not in a way that allows exploitation of the issue?
It does not directly affect graylog core code base. But is a theoretical issue. If anyone where to have a plugin containing similar to the following code pointing to a malicious site, or scraping data.
Expected Behavior
Don't allow XSS.
Current Behavior
Bootstrap 3.3.7 is are vulnerable to Cross-Site Scripting (XSS) attacks via the data-target attribute.
https://snyk.io/vuln/npm:bootstrap:20160627
Fixed in: twbs/bootstrap#23687
Possible Solution
Steps to Reproduce (for bugs)
Context
Your Environment
The text was updated successfully, but these errors were encountered: