You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
bootstrap 3
About this tag
The tag covers discussions about Bootstrap 3, a legacy front-end framework, with a focus on security vulnerabilities. A notable topic is CVE-2024-6485, a critical cross-site scripting (XSS) flaw in Bootstrap 3's Button plugin. This vulnerability allows attacker-controlled HTML to execute arbitrary JavaScript via improper handling of data-loading-text attributes. The tag includes troubleshooting and security updates related to Bootstrap 3, relevant for developers maintaining older web projects or migrating from Bootstrap 3 to newer versions.
A critical Cross‑Site Scripting (XSS) flaw was assigned CVE‑2024‑6485 after researchers discovered that Bootstrap’s legacy Button plugin improperly handles the data-loading-text / data-*-text attributes, allowing attacker‑controlled HTML (including script) to be rendered when a button enters its...