CVE-2025-1647
ADVISORY - githubSummary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS). This issue affects Bootstrap version 3.4.1. At time of publication, there is no publicly available patched version.
EPSS Score: 0.00043 (0.129)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADVISORY - github
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADVISORY - gitlab
ADVISORY - redhat
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-1647
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-q58r-hwc8-rm9j
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-1647
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-1647
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2-2025-2995
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2025-1647
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-gfg8-vggm-w2w9
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-whrc-rcfj-6fxc
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-