Vulnerability DatabaseWS-2017-0178
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2017-0178
Published:May 14, 2026
Updated:May 14, 2026
Affected versions of the package are vulnerable to Cross-site Scripting (XSS).
Affected Packages
oncogemini (CONDA):
Affected version(s) >=0.1.0 <=1.0.0
Fix Suggestion:
Update to version no_fix
r-ramcharts (CONDA):
Affected version(s) =2.1.13 <2.1.15
Fix Suggestion:
Update to version 2.1.15
r-makefiler (CONDA):
Affected version(s) =1.0
Fix Suggestion:
Update to version no_fix
quast (CONDA):
Affected version(s) >=3.2 <=5.3.0
Fix Suggestion:
Update to version no_fix
gemini (CONDA):
Affected version(s) >=0.17.3dev0 <=0.30.2
Fix Suggestion:
Update to version no_fix
r-venn (CONDA):
Affected version(s) >=1.2 <1.8
Fix Suggestion:
Update to version 1.8
flower (CONDA):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
targqc (CONDA):
Affected version(s) =1.8.1
Fix Suggestion:
Update to version no_fix
bootstrap (NPM):
Affected version(s) >=0.0.1 <3.1.1
Fix Suggestion:
Update to version 3.1.1
twitter.bootstrap (NUGET):
Affected version(s) =1.3.0 <1.4.0
Fix Suggestion:
Update to version 1.4.0
xsockets.tutorials (NUGET):
Affected version(s) >=0.6.0 <=0.9.2
Fix Suggestion:
Update to version no_fix
twitter.bootstrap (NUGET):
Affected version(s) >=2.0.4 <2.1.0
Fix Suggestion:
Update to version 2.1.0
mvcforum (NUGET):
Affected version(s) >=0.8.5.1 <1.0.0.1
Fix Suggestion:
Update to version 1.0.0.1
grazewp7 (NUGET):
Affected version(s) >=1.0.0 <=3.0.0
Fix Suggestion:
Update to version no_fix
scaffr (NUGET):
Affected version(s) =1.1.0 <1.1.1
Fix Suggestion:
Update to version 1.1.1
twitterbootstrapmvc3template (NUGET):
Affected version(s) >=1.0.0 <1.0.4
Fix Suggestion:
Update to version 1.0.4
bootstraptwitter (NUGET):
Affected version(s) =2.4.0 <3.0.0
Fix Suggestion:
Update to version 3.0.0
bootstraptwitter (NUGET):
Affected version(s) >=1.4.0 <2.1.0
Fix Suggestion:
Update to version 2.1.0
bootstrap (NUGET):
Affected version(s) =1.0.0 <2.3.1
Fix Suggestion:
Update to version 2.3.1
maoyuanmvckendojslib (NUGET):
Affected version(s) =1.0.1
Fix Suggestion:
Update to version no_fix
zoomyboy/scoutnet-api (PHP):
Affected version(s) >=dev-master <=0.2.0
Fix Suggestion:
Update to version no_fix
silverstripe/deploynaut (PHP):
Affected version(s) =0.9.x-dev <1.0.0
Fix Suggestion:
Update to version 1.0.0
neos/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
pablodip/admin-module-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
jabapoint/cobra (PHP):
Affected version(s) >=dev-master <=0.7
Fix Suggestion:
Update to version no_fix
carlosio/jenkins (PHP):
Affected version(s) =1.0.0 <1.1.0
Fix Suggestion:
Update to version 1.1.0
pug-php/pug (PHP):
Affected version(s) =2.2.0 <2.2.1
Fix Suggestion:
Update to version 2.2.1
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
wollnerstudios/assetpipeline (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
pug-php/pug (PHP):
Affected version(s) =2.4.9 <2.5.0
Fix Suggestion:
Update to version 2.5.0
pug-php/pug (PHP):
Affected version(s) =2.6.4 <2.6.5
Fix Suggestion:
Update to version 2.6.5
pug-php/pug (PHP):
Affected version(s) >=1.5.0 <1.8.0-rc1
Fix Suggestion:
Update to version 1.8.0-rc1
farazdagi/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
mukulu/admin-bundle (PHP):
Affected version(s) =dev-bootstrap2
Fix Suggestion:
Update to version no_fix
chj/laravel (PHP):
Affected version(s) >=dev-develop <chj-v1.0
Fix Suggestion:
Update to version chj-v1.0
pug-php/pug (PHP):
Affected version(s) =2.5.9 <2.6.0
Fix Suggestion:
Update to version 2.6.0
neos/twitter-bootstrap (PHP):
Affected version(s) =1.0.x-dev <1.0.1
Fix Suggestion:
Update to version 1.0.1
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.1.0 <dev-dependabot/composer/developer/smarty/smarty-4.1.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.1.0
typo3/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-master <1.1
Fix Suggestion:
Update to version 1.1
kylekatarnls/jade-php (PHP):
Affected version(s) >=3.3.0 <=3.3.1
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) =2.3.0 <2.4.0
Fix Suggestion:
Update to version 2.4.0
rozdol/bi-assets (PHP):
Affected version(s) >=dev-master <v1.0.3
Fix Suggestion:
Update to version v1.0.3
typo3/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
torann/skosh (PHP):
Affected version(s) =0.3.0
Fix Suggestion:
Update to version no_fix
purezero/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.x-dev <2.7.1
Fix Suggestion:
Update to version 2.7.1
fightmaster/fightmaster-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=3.1.2 <3.1.4
Fix Suggestion:
Update to version 3.1.4
pug-php/pug (PHP):
Affected version(s) >=3.0.0-alpha6 <3.0.0
Fix Suggestion:
Update to version 3.0.0
typo3/twitter-bootstrap (PHP):
Affected version(s) >=1.0.0 <3.0.5
Fix Suggestion:
Update to version 3.0.5
pug-php/pug (PHP):
Affected version(s) >=dev-feature/php-update <dev-test/add-alternative-versions
Fix Suggestion:
Update to version dev-test/add-alternative-versions
metabor/start-app (PHP):
Affected version(s) =dev-MopaBootstrapBundle <dev-master
Fix Suggestion:
Update to version dev-master
irmnet/auth (PHP):
Affected version(s) =1.0.20
Fix Suggestion:
Update to version no_fix
neos/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.5 <3.0.0-RC1
Fix Suggestion:
Update to version 3.0.0-RC1
irmnet/ti (PHP):
Affected version(s) >=1.0.4 <10
Fix Suggestion:
Update to version 10
8bit-echo/sage (PHP):
Affected version(s) =4.1.0 <dev-dependabot/npm_and_yarn/lodash-4.17.21
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/lodash-4.17.21
jsmarion/yii2-unify-template (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.7.4 <3.0.0-RC2
Fix Suggestion:
Update to version 3.0.0-RC2
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.3.0 <dev-dependabot/composer/developer/sabre/dav-4.3.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/sabre/dav-4.3.0
purezero/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
skeeks/yii2-template-smarty (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
silverstripe/deploynaut (PHP):
Affected version(s) >=1.0.1 <dev-cleanup5
Fix Suggestion:
Update to version dev-cleanup5
pug-php/pug (PHP):
Affected version(s) >=2.0.3 <2.1.0
Fix Suggestion:
Update to version 2.1.0
wollnerstudios/assetpipeline (PHP):
Affected version(s) >=1.0.3 <=1.0.31
Fix Suggestion:
Update to version no_fix
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =dev-master <v2.0.0BETA1
Fix Suggestion:
Update to version v2.0.0BETA1
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=microweber-0.750 <0.931
Fix Suggestion:
Update to version 0.931
pug-php/pug (PHP):
Affected version(s) =2.1.2 <2.1.3
Fix Suggestion:
Update to version 2.1.3
torann/skosh (PHP):
Affected version(s) =dev-master <0.2.0
Fix Suggestion:
Update to version 0.2.0
skcms/admin-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
mparaiso/aclserviceprovider (PHP):
Affected version(s) =dev-silex <0.0.1
Fix Suggestion:
Update to version 0.0.1
acosf/archersys (PHP):
Affected version(s) >=dev-hdddwinstudent <1.0
Fix Suggestion:
Update to version 1.0
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.0.0 <dev-dependabot/composer/developer/smarty/smarty-4.0.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.0.0
pug-php/pug (PHP):
Affected version(s) =dev-enable-php-8-test
Fix Suggestion:
Update to version no_fix
ronan-gloo/jadephp (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
titledk/cloudy (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
halleck45/behat-wizard-bundle (PHP):
Affected version(s) =v0.2
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) =1.12.1 <1.12.2
Fix Suggestion:
Update to version 1.12.2
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
pug-php/pug (PHP):
Affected version(s) >=1.1.1 <1.4.0
Fix Suggestion:
Update to version 1.4.0
bertrandom/flickrclient (PHP):
Affected version(s) =dev-demo <dev-master
Fix Suggestion:
Update to version dev-master
phraseanet/phraseanet (PHP):
Affected version(s) >=3.7.0 <3.8.0
Fix Suggestion:
Update to version 3.8.0
sansis/basebundle (PHP):
Affected version(s) >=dev-master <=v1.0.0
Fix Suggestion:
Update to version no_fix
cupcakephp/cupcakephp (PHP):
Affected version(s) =0.2.x-dev
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-version-2.next <2.0.1
Fix Suggestion:
Update to version 2.0.1
radutopala/phpbeanstalkdadmin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
silverstripe/deploynaut (PHP):
Affected version(s) =1.x-dev <dev-p1-issue
Fix Suggestion:
Update to version dev-p1-issue
pug-php/pug (PHP):
Affected version(s) =3.0.0-alpha2 <3.0.0-alpha3
Fix Suggestion:
Update to version 3.0.0-alpha3
rozdol/bi-assets (PHP):
Affected version(s) >=v1.0.5 <=v1.0.17
Fix Suggestion:
Update to version no_fix
themelogy/carwash-theme (PHP):
Affected version(s) >=dev-master <1.0.1
Fix Suggestion:
Update to version 1.0.1
pug-php/pug (PHP):
Affected version(s) =2.7.0 <2.7.1
Fix Suggestion:
Update to version 2.7.1
neos/twitter-bootstrap (PHP):
Affected version(s) =2.1.x-dev <2.2.0
Fix Suggestion:
Update to version 2.2.0
sitegeist/nomenclator (PHP):
Affected version(s) =dev-feature/frontendAndStyle <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) >=2.4.1 <2.4.5
Fix Suggestion:
Update to version 2.4.5
neos/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
irmnet/ti (PHP):
Affected version(s) =dev-master <0.0.0
Fix Suggestion:
Update to version 0.0.0
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
venu/sf2-blog (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.5.2 <2.5.5
Fix Suggestion:
Update to version 2.5.5
neos/twitter-bootstrap (PHP):
Affected version(s) =2.2.x-dev <3.0.0
Fix Suggestion:
Update to version 3.0.0
jeromeschneider/baikal (PHP):
Affected version(s) >=0.2.5 <0.5.1
Fix Suggestion:
Update to version 0.5.1
pug-php/pug (PHP):
Affected version(s) >=1.10.3 <1.11.0
Fix Suggestion:
Update to version 1.11.0
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.2.0 <dev-dependabot/composer/developer/smarty/smarty-4.2.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.2.0
jlaso/tradukoj (PHP):
Affected version(s) >=dev-feature/dockerizing <1.1
Fix Suggestion:
Update to version 1.1
paella/twitter-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
skeeks/yii2-template-unify (PHP):
Affected version(s) >=dev-master <=1.9.1
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=3.2.0 <dev-analysis-BowKr6
Fix Suggestion:
Update to version dev-analysis-BowKr6
pug-php/pug (PHP):
Affected version(s) >=1.8.1 <1.10.1
Fix Suggestion:
Update to version 1.10.1
themelogy/carwash-theme (PHP):
Affected version(s) =1.0.2
Fix Suggestion:
Update to version no_fix
tungphan/yii-demo (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) >=2.2.x-dev <=2.3.x-dev
Fix Suggestion:
Update to version no_fix
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=oop-preview <0.9.5.x-dev
Fix Suggestion:
Update to version 0.9.5.x-dev
purezero/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
neos/twitter-bootstrap (PHP):
Affected version(s) =2.0.x-dev <2.0.1
Fix Suggestion:
Update to version 2.0.1
pawka/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
intelogie/sipml5 (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
pug-php/pug (PHP):
Affected version(s) >=1.11.1 <1.11.3
Fix Suggestion:
Update to version 1.11.3
pug-php/pug (PHP):
Affected version(s) =2.7.2 <2.7.3
Fix Suggestion:
Update to version 2.7.3
optime/jangomail (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
optime/jangomail (PHP):
Affected version(s) >=v1.1 <=v2.0
Fix Suggestion:
Update to version no_fix
wxr/common-bundle (PHP):
Affected version(s) >=dev-master <=v2.1.0
Fix Suggestion:
Update to version no_fix
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
flower (PYTHON):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
Related Resources (2)
https://github.com/twbs/bootstrap/pull/3421
https://github.com/twbs/bootstrap/commit/f836473129819c2e348f821ed268451b9b8bf2e4
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE