Vulnerability DatabaseWS-2017-0178
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2017-0178
Published:May 19, 2026
Updated:May 19, 2026
Affected versions of the package are vulnerable to Cross-site Scripting (XSS).
Affected Packages
r-venn (CONDA):
Affected version(s) >=1.2 <1.8
Fix Suggestion:
Update to version 1.8
flower (CONDA):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
r-makefiler (CONDA):
Affected version(s) =1.0
Fix Suggestion:
Update to version no_fix
gemini (CONDA):
Affected version(s) >=0.17.3dev0 <=0.30.2
Fix Suggestion:
Update to version no_fix
targqc (CONDA):
Affected version(s) =1.8.1
Fix Suggestion:
Update to version no_fix
quast (CONDA):
Affected version(s) >=3.2 <=5.3.0
Fix Suggestion:
Update to version no_fix
oncogemini (CONDA):
Affected version(s) >=0.1.0 <=1.0.0
Fix Suggestion:
Update to version no_fix
r-ramcharts (CONDA):
Affected version(s) =2.1.13 <2.1.15
Fix Suggestion:
Update to version 2.1.15
bootstrap (NPM):
Affected version(s) >=0.0.1 <3.1.1
Fix Suggestion:
Update to version 3.1.1
maoyuanmvckendojslib (NUGET):
Affected version(s) =1.0.1
Fix Suggestion:
Update to version no_fix
twitter.bootstrap (NUGET):
Affected version(s) >=2.0.4 <2.1.0
Fix Suggestion:
Update to version 2.1.0
twitterbootstrapmvc3template (NUGET):
Affected version(s) >=1.0.0 <1.0.4
Fix Suggestion:
Update to version 1.0.4
bootstraptwitter (NUGET):
Affected version(s) >=1.4.0 <2.1.0
Fix Suggestion:
Update to version 2.1.0
mvcforum (NUGET):
Affected version(s) >=0.8.5.1 <1.0.0.1
Fix Suggestion:
Update to version 1.0.0.1
grazewp7 (NUGET):
Affected version(s) >=1.0.0 <=3.0.0
Fix Suggestion:
Update to version no_fix
xsockets.tutorials (NUGET):
Affected version(s) >=0.6.0 <=0.9.2
Fix Suggestion:
Update to version no_fix
bootstraptwitter (NUGET):
Affected version(s) =2.4.0 <3.0.0
Fix Suggestion:
Update to version 3.0.0
bootstrap (NUGET):
Affected version(s) =1.0.0 <2.3.1
Fix Suggestion:
Update to version 2.3.1
twitter.bootstrap (NUGET):
Affected version(s) =1.3.0 <1.4.0
Fix Suggestion:
Update to version 1.4.0
scaffr (NUGET):
Affected version(s) =1.1.0 <1.1.1
Fix Suggestion:
Update to version 1.1.1
irmnet/ti (PHP):
Affected version(s) =dev-master <0.0.0
Fix Suggestion:
Update to version 0.0.0
jsmarion/yii2-unify-template (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=1.11.1 <1.11.3
Fix Suggestion:
Update to version 1.11.3
pug-php/pug (PHP):
Affected version(s) >=3.1.2 <3.1.4
Fix Suggestion:
Update to version 3.1.4
pug-php/pug (PHP):
Affected version(s) >=1.8.1 <1.10.1
Fix Suggestion:
Update to version 1.10.1
halleck45/behat-wizard-bundle (PHP):
Affected version(s) =v0.2
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.5 <3.0.0-RC1
Fix Suggestion:
Update to version 3.0.0-RC1
typo3/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
rozdol/bi-assets (PHP):
Affected version(s) >=dev-master <v1.0.3
Fix Suggestion:
Update to version v1.0.3
skeeks/yii2-template-unify (PHP):
Affected version(s) >=dev-master <=1.9.1
Fix Suggestion:
Update to version no_fix
silverstripe/deploynaut (PHP):
Affected version(s) =0.9.x-dev <1.0.0
Fix Suggestion:
Update to version 1.0.0
torann/skosh (PHP):
Affected version(s) =0.3.0
Fix Suggestion:
Update to version no_fix
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=oop-preview <0.9.5.x-dev
Fix Suggestion:
Update to version 0.9.5.x-dev
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.1.0 <dev-dependabot/composer/developer/smarty/smarty-4.1.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.1.0
purezero/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
neos/twitter-bootstrap (PHP):
Affected version(s) =2.0.x-dev <2.0.1
Fix Suggestion:
Update to version 2.0.1
pug-php/pug (PHP):
Affected version(s) >=1.5.0 <1.8.0-rc1
Fix Suggestion:
Update to version 1.8.0-rc1
pug-php/pug (PHP):
Affected version(s) =2.6.4 <2.6.5
Fix Suggestion:
Update to version 2.6.5
pug-php/pug (PHP):
Affected version(s) >=2.0.3 <2.1.0
Fix Suggestion:
Update to version 2.1.0
neos/twitter-bootstrap (PHP):
Affected version(s) =1.0.x-dev <1.0.1
Fix Suggestion:
Update to version 1.0.1
pug-php/pug (PHP):
Affected version(s) =2.7.0 <2.7.1
Fix Suggestion:
Update to version 2.7.1
pug-php/pug (PHP):
Affected version(s) >=2.7.4 <3.0.0-RC2
Fix Suggestion:
Update to version 3.0.0-RC2
fightmaster/fightmaster-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.4.1 <2.4.5
Fix Suggestion:
Update to version 2.4.5
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
jeromeschneider/baikal (PHP):
Affected version(s) >=0.2.5 <0.5.1
Fix Suggestion:
Update to version 0.5.1
phraseanet/phraseanet (PHP):
Affected version(s) >=3.7.0 <3.8.0
Fix Suggestion:
Update to version 3.8.0
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.x-dev <2.7.1
Fix Suggestion:
Update to version 2.7.1
skeeks/yii2-template-smarty (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
ronan-gloo/jadephp (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
optime/jangomail (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
pawka/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
wollnerstudios/assetpipeline (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
optime/jangomail (PHP):
Affected version(s) >=v1.1 <=v2.0
Fix Suggestion:
Update to version no_fix
venu/sf2-blog (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
neos/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.3.0 <dev-dependabot/composer/developer/sabre/dav-4.3.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/sabre/dav-4.3.0
silverstripe/deploynaut (PHP):
Affected version(s) >=1.0.1 <dev-cleanup5
Fix Suggestion:
Update to version dev-cleanup5
pug-php/pug (PHP):
Affected version(s) =2.4.9 <2.5.0
Fix Suggestion:
Update to version 2.5.0
jlaso/tradukoj (PHP):
Affected version(s) >=dev-feature/dockerizing <1.1
Fix Suggestion:
Update to version 1.1
pug-php/pug (PHP):
Affected version(s) >=1.1.1 <1.4.0
Fix Suggestion:
Update to version 1.4.0
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=microweber-0.750 <0.931
Fix Suggestion:
Update to version 0.931
intelogie/sipml5 (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
pug-php/pug (PHP):
Affected version(s) =1.12.1 <1.12.2
Fix Suggestion:
Update to version 1.12.2
tungphan/yii-demo (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
purezero/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) >=1.10.3 <1.11.0
Fix Suggestion:
Update to version 1.11.0
purezero/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
themelogy/carwash-theme (PHP):
Affected version(s) =1.0.2
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=dev-feature/php-update <dev-test/add-alternative-versions
Fix Suggestion:
Update to version dev-test/add-alternative-versions
irmnet/auth (PHP):
Affected version(s) =1.0.20
Fix Suggestion:
Update to version no_fix
neos/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
wollnerstudios/assetpipeline (PHP):
Affected version(s) >=1.0.3 <=1.0.31
Fix Suggestion:
Update to version no_fix
acosf/archersys (PHP):
Affected version(s) >=dev-hdddwinstudent <1.0
Fix Suggestion:
Update to version 1.0
pug-php/pug (PHP):
Affected version(s) =2.1.2 <2.1.3
Fix Suggestion:
Update to version 2.1.3
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-version-2.next <2.0.1
Fix Suggestion:
Update to version 2.0.1
bertrandom/flickrclient (PHP):
Affected version(s) =dev-demo <dev-master
Fix Suggestion:
Update to version dev-master
neos/twitter-bootstrap (PHP):
Affected version(s) =2.2.x-dev <3.0.0
Fix Suggestion:
Update to version 3.0.0
neos/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
zoomyboy/scoutnet-api (PHP):
Affected version(s) >=dev-master <=0.2.0
Fix Suggestion:
Update to version no_fix
radutopala/phpbeanstalkdadmin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.5.2 <2.5.5
Fix Suggestion:
Update to version 2.5.5
pug-php/pug (PHP):
Affected version(s) =dev-enable-php-8-test
Fix Suggestion:
Update to version no_fix
cupcakephp/cupcakephp (PHP):
Affected version(s) =0.2.x-dev
Fix Suggestion:
Update to version no_fix
silverstripe/deploynaut (PHP):
Affected version(s) =1.x-dev <dev-p1-issue
Fix Suggestion:
Update to version dev-p1-issue
sansis/basebundle (PHP):
Affected version(s) >=dev-master <=v1.0.0
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
skcms/admin-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) >=3.3.0 <=3.3.1
Fix Suggestion:
Update to version no_fix
wxr/common-bundle (PHP):
Affected version(s) >=dev-master <=v2.1.0
Fix Suggestion:
Update to version no_fix
8bit-echo/sage (PHP):
Affected version(s) =4.1.0 <dev-dependabot/npm_and_yarn/lodash-4.17.21
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/lodash-4.17.21
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =dev-master <v2.0.0BETA1
Fix Suggestion:
Update to version v2.0.0BETA1
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
paella/twitter-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.0.0 <dev-dependabot/composer/developer/smarty/smarty-4.0.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.0.0
jabapoint/cobra (PHP):
Affected version(s) >=dev-master <=0.7
Fix Suggestion:
Update to version no_fix
mukulu/admin-bundle (PHP):
Affected version(s) =dev-bootstrap2
Fix Suggestion:
Update to version no_fix
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) >=2.2.x-dev <=2.3.x-dev
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-master <1.1
Fix Suggestion:
Update to version 1.1
titledk/cloudy (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
irmnet/ti (PHP):
Affected version(s) >=1.0.4 <10
Fix Suggestion:
Update to version 10
rozdol/bi-assets (PHP):
Affected version(s) >=v1.0.5 <=v1.0.17
Fix Suggestion:
Update to version no_fix
pablodip/admin-module-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) >=1.0.0 <3.0.5
Fix Suggestion:
Update to version 3.0.5
carlosio/jenkins (PHP):
Affected version(s) =1.0.0 <1.1.0
Fix Suggestion:
Update to version 1.1.0
farazdagi/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=3.0.0-alpha6 <3.0.0
Fix Suggestion:
Update to version 3.0.0
themelogy/carwash-theme (PHP):
Affected version(s) >=dev-master <1.0.1
Fix Suggestion:
Update to version 1.0.1
typo3/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
pug-php/pug (PHP):
Affected version(s) =2.2.0 <2.2.1
Fix Suggestion:
Update to version 2.2.1
neos/twitter-bootstrap (PHP):
Affected version(s) =2.1.x-dev <2.2.0
Fix Suggestion:
Update to version 2.2.0
pug-php/pug (PHP):
Affected version(s) =2.5.9 <2.6.0
Fix Suggestion:
Update to version 2.6.0
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.2.0 <dev-dependabot/composer/developer/smarty/smarty-4.2.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.2.0
pug-php/pug (PHP):
Affected version(s) =3.0.0-alpha2 <3.0.0-alpha3
Fix Suggestion:
Update to version 3.0.0-alpha3
mparaiso/aclserviceprovider (PHP):
Affected version(s) =dev-silex <0.0.1
Fix Suggestion:
Update to version 0.0.1
chj/laravel (PHP):
Affected version(s) >=dev-develop <chj-v1.0
Fix Suggestion:
Update to version chj-v1.0
metabor/start-app (PHP):
Affected version(s) =dev-MopaBootstrapBundle <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) >=3.2.0 <dev-analysis-BowKr6
Fix Suggestion:
Update to version dev-analysis-BowKr6
torann/skosh (PHP):
Affected version(s) =dev-master <0.2.0
Fix Suggestion:
Update to version 0.2.0
pug-php/pug (PHP):
Affected version(s) =2.7.2 <2.7.3
Fix Suggestion:
Update to version 2.7.3
sitegeist/nomenclator (PHP):
Affected version(s) =dev-feature/frontendAndStyle <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) =2.3.0 <2.4.0
Fix Suggestion:
Update to version 2.4.0
flower (PYTHON):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
Related Resources (2)
https://github.com/twbs/bootstrap/commit/f836473129819c2e348f821ed268451b9b8bf2e4
https://github.com/twbs/bootstrap/pull/3421
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE