Vulnerability DatabaseWS-2017-0178
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2017-0178
Published:May 19, 2026
Updated:May 19, 2026
Affected versions of the package are vulnerable to Cross-site Scripting (XSS).
Affected Packages
r-makefiler (CONDA):
Affected version(s) =1.0
Fix Suggestion:
Update to version no_fix
r-venn (CONDA):
Affected version(s) >=1.2 <1.8
Fix Suggestion:
Update to version 1.8
targqc (CONDA):
Affected version(s) =1.8.1
Fix Suggestion:
Update to version no_fix
oncogemini (CONDA):
Affected version(s) >=0.1.0 <=1.0.0
Fix Suggestion:
Update to version no_fix
flower (CONDA):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
gemini (CONDA):
Affected version(s) >=0.17.3dev0 <=0.30.2
Fix Suggestion:
Update to version no_fix
r-ramcharts (CONDA):
Affected version(s) =2.1.13 <2.1.15
Fix Suggestion:
Update to version 2.1.15
quast (CONDA):
Affected version(s) >=3.2 <=5.3.0
Fix Suggestion:
Update to version no_fix
bootstrap (NPM):
Affected version(s) >=0.0.1 <3.1.1
Fix Suggestion:
Update to version 3.1.1
xsockets.tutorials (NUGET):
Affected version(s) >=0.6.0 <=0.9.2
Fix Suggestion:
Update to version no_fix
twitter.bootstrap (NUGET):
Affected version(s) =1.3.0 <1.4.0
Fix Suggestion:
Update to version 1.4.0
mvcforum (NUGET):
Affected version(s) >=0.8.5.1 <1.0.0.1
Fix Suggestion:
Update to version 1.0.0.1
scaffr (NUGET):
Affected version(s) =1.1.0 <1.1.1
Fix Suggestion:
Update to version 1.1.1
bootstraptwitter (NUGET):
Affected version(s) >=1.4.0 <2.1.0
Fix Suggestion:
Update to version 2.1.0
grazewp7 (NUGET):
Affected version(s) >=1.0.0 <=3.0.0
Fix Suggestion:
Update to version no_fix
maoyuanmvckendojslib (NUGET):
Affected version(s) =1.0.1
Fix Suggestion:
Update to version no_fix
bootstraptwitter (NUGET):
Affected version(s) =2.4.0 <3.0.0
Fix Suggestion:
Update to version 3.0.0
twitter.bootstrap (NUGET):
Affected version(s) >=2.0.4 <2.1.0
Fix Suggestion:
Update to version 2.1.0
twitterbootstrapmvc3template (NUGET):
Affected version(s) >=1.0.0 <1.0.4
Fix Suggestion:
Update to version 1.0.4
bootstrap (NUGET):
Affected version(s) =1.0.0 <2.3.1
Fix Suggestion:
Update to version 2.3.1
pug-php/pug (PHP):
Affected version(s) =2.7.0 <2.7.1
Fix Suggestion:
Update to version 2.7.1
rozdol/bi-assets (PHP):
Affected version(s) >=v1.0.5 <=v1.0.17
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) =1.12.1 <1.12.2
Fix Suggestion:
Update to version 1.12.2
purezero/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
pug-php/pug (PHP):
Affected version(s) =2.3.0 <2.4.0
Fix Suggestion:
Update to version 2.4.0
torann/skosh (PHP):
Affected version(s) =0.3.0
Fix Suggestion:
Update to version no_fix
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.1.0 <dev-dependabot/composer/developer/smarty/smarty-4.1.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.1.0
pug-php/pug (PHP):
Affected version(s) =2.6.4 <2.6.5
Fix Suggestion:
Update to version 2.6.5
pug-php/pug (PHP):
Affected version(s) >=1.10.3 <1.11.0
Fix Suggestion:
Update to version 1.11.0
skcms/admin-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) =2.7.2 <2.7.3
Fix Suggestion:
Update to version 2.7.3
pug-php/pug (PHP):
Affected version(s) >=1.8.1 <1.10.1
Fix Suggestion:
Update to version 1.10.1
chj/laravel (PHP):
Affected version(s) >=dev-develop <chj-v1.0
Fix Suggestion:
Update to version chj-v1.0
pug-php/pug (PHP):
Affected version(s) >=3.2.0 <dev-analysis-BowKr6
Fix Suggestion:
Update to version dev-analysis-BowKr6
silverstripe/deploynaut (PHP):
Affected version(s) =0.9.x-dev <1.0.0
Fix Suggestion:
Update to version 1.0.0
pug-php/pug (PHP):
Affected version(s) >=2.5.2 <2.5.5
Fix Suggestion:
Update to version 2.5.5
8bit-echo/sage (PHP):
Affected version(s) =4.1.0 <dev-dependabot/npm_and_yarn/lodash-4.17.21
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/lodash-4.17.21
jeromeschneider/baikal (PHP):
Affected version(s) >=0.2.5 <0.5.1
Fix Suggestion:
Update to version 0.5.1
silverstripe/deploynaut (PHP):
Affected version(s) >=1.0.1 <dev-cleanup5
Fix Suggestion:
Update to version dev-cleanup5
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =dev-master <v2.0.0BETA1
Fix Suggestion:
Update to version v2.0.0BETA1
zoomyboy/scoutnet-api (PHP):
Affected version(s) >=dev-master <=0.2.0
Fix Suggestion:
Update to version no_fix
neos/twitter-bootstrap (PHP):
Affected version(s) =2.1.x-dev <2.2.0
Fix Suggestion:
Update to version 2.2.0
venu/sf2-blog (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=1.5.0 <1.8.0-rc1
Fix Suggestion:
Update to version 1.8.0-rc1
ronan-gloo/jadephp (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
metabor/start-app (PHP):
Affected version(s) =dev-MopaBootstrapBundle <dev-master
Fix Suggestion:
Update to version dev-master
pablodip/admin-module-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=microweber-0.750 <0.931
Fix Suggestion:
Update to version 0.931
radutopala/phpbeanstalkdadmin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-master <1.1
Fix Suggestion:
Update to version 1.1
fightmaster/fightmaster-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
silverstripe/deploynaut (PHP):
Affected version(s) =1.x-dev <dev-p1-issue
Fix Suggestion:
Update to version dev-p1-issue
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.2.0 <dev-dependabot/composer/developer/smarty/smarty-4.2.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.2.0
farazdagi/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) >=1.0.0 <3.0.5
Fix Suggestion:
Update to version 3.0.5
purezero/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) =2.5.9 <2.6.0
Fix Suggestion:
Update to version 2.6.0
pug-php/pug (PHP):
Affected version(s) =2.4.9 <2.5.0
Fix Suggestion:
Update to version 2.5.0
pug-php/pug (PHP):
Affected version(s) =3.0.0-alpha2 <3.0.0-alpha3
Fix Suggestion:
Update to version 3.0.0-alpha3
paella/twitter-bootstrap-bundle (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
irmnet/ti (PHP):
Affected version(s) >=1.0.4 <10
Fix Suggestion:
Update to version 10
cupcakephp/cupcakephp (PHP):
Affected version(s) =0.2.x-dev
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.x-dev <2.7.1
Fix Suggestion:
Update to version 2.7.1
wxr/common-bundle (PHP):
Affected version(s) >=dev-master <=v2.1.0
Fix Suggestion:
Update to version no_fix
kylekatarnls/jade-php (PHP):
Affected version(s) =dev-version-2.next <2.0.1
Fix Suggestion:
Update to version 2.0.1
typo3/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
sitegeist/nomenclator (PHP):
Affected version(s) =dev-feature/frontendAndStyle <dev-master
Fix Suggestion:
Update to version dev-master
pug-php/pug (PHP):
Affected version(s) =dev-enable-php-8-test
Fix Suggestion:
Update to version no_fix
sansis/basebundle (PHP):
Affected version(s) >=dev-master <=v1.0.0
Fix Suggestion:
Update to version no_fix
skeeks/yii2-template-unify (PHP):
Affected version(s) >=dev-master <=1.9.1
Fix Suggestion:
Update to version no_fix
irmnet/ti (PHP):
Affected version(s) =dev-master <0.0.0
Fix Suggestion:
Update to version 0.0.0
optime/jangomail (PHP):
Affected version(s) >=v1.1 <=v2.0
Fix Suggestion:
Update to version no_fix
themelogy/carwash-theme (PHP):
Affected version(s) >=dev-master <1.0.1
Fix Suggestion:
Update to version 1.0.1
neos/twitter-bootstrap (PHP):
Affected version(s) =1.0.x-dev <1.0.1
Fix Suggestion:
Update to version 1.0.1
rozdol/bi-assets (PHP):
Affected version(s) >=dev-master <v1.0.3
Fix Suggestion:
Update to version v1.0.3
pug-php/pug (PHP):
Affected version(s) >=2.0.3 <2.1.0
Fix Suggestion:
Update to version 2.1.0
wollnerstudios/assetpipeline (PHP):
Affected version(s) >=1.0.3 <=1.0.31
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=dev-feature/php-update <dev-test/add-alternative-versions
Fix Suggestion:
Update to version dev-test/add-alternative-versions
neos/twitter-bootstrap (PHP):
Affected version(s) =2.2.x-dev <3.0.0
Fix Suggestion:
Update to version 3.0.0
pawka/phrozn (PHP):
Affected version(s) >=0.5.6 <=1.0.x-dev
Fix Suggestion:
Update to version no_fix
typo3/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
optime/jangomail (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
pug-php/pug (PHP):
Affected version(s) >=3.0.0-alpha6 <3.0.0
Fix Suggestion:
Update to version 3.0.0
pug-php/pug (PHP):
Affected version(s) >=1.1.1 <1.4.0
Fix Suggestion:
Update to version 1.4.0
carlosio/jenkins (PHP):
Affected version(s) =1.0.0 <1.1.0
Fix Suggestion:
Update to version 1.1.0
jlaso/tradukoj (PHP):
Affected version(s) >=dev-feature/dockerizing <1.1
Fix Suggestion:
Update to version 1.1
pug-php/pug (PHP):
Affected version(s) >=1.11.1 <1.11.3
Fix Suggestion:
Update to version 1.11.3
purezero/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
irmnet/auth (PHP):
Affected version(s) =1.0.20
Fix Suggestion:
Update to version no_fix
intelogie/sipml5 (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
mparaiso/aclserviceprovider (PHP):
Affected version(s) =dev-silex <0.0.1
Fix Suggestion:
Update to version 0.0.1
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =2.3.1.x-dev <2.3.2.x-dev
Fix Suggestion:
Update to version 2.3.2.x-dev
pug-php/pug (PHP):
Affected version(s) >=3.1.2 <3.1.4
Fix Suggestion:
Update to version 3.1.4
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.0.0 <dev-dependabot/composer/developer/smarty/smarty-4.0.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/smarty/smarty-4.0.0
titledk/cloudy (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
phraseanet/phraseanet (PHP):
Affected version(s) >=3.7.0 <3.8.0
Fix Suggestion:
Update to version 3.8.0
themelogy/carwash-theme (PHP):
Affected version(s) =1.0.2
Fix Suggestion:
Update to version no_fix
tungphan/yii-demo (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) =dev-ssexpress <ssexpress-0.1.0
Fix Suggestion:
Update to version ssexpress-0.1.0
pug-php/pug (PHP):
Affected version(s) =2.2.0 <2.2.1
Fix Suggestion:
Update to version 2.2.1
neos/twitter-bootstrap (PHP):
Affected version(s) =2.0.x-dev <2.0.1
Fix Suggestion:
Update to version 2.0.1
kylekatarnls/jade-php (PHP):
Affected version(s) =2.7.5 <3.0.0-RC1
Fix Suggestion:
Update to version 3.0.0-RC1
yetiforce/yetiforce-crm (PHP):
Affected version(s) =4.3.0 <dev-dependabot/composer/developer/sabre/dav-4.3.0
Fix Suggestion:
Update to version dev-dependabot/composer/developer/sabre/dav-4.3.0
halleck45/behat-wizard-bundle (PHP):
Affected version(s) =v0.2
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.4.1 <2.4.5
Fix Suggestion:
Update to version 2.4.5
mukulu/admin-bundle (PHP):
Affected version(s) =dev-bootstrap2
Fix Suggestion:
Update to version no_fix
acosf/archersys (PHP):
Affected version(s) >=dev-hdddwinstudent <1.0
Fix Suggestion:
Update to version 1.0
jsmarion/yii2-unify-template (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) =2.1.x-dev <v2.1.0
Fix Suggestion:
Update to version v2.1.0
bertrandom/flickrclient (PHP):
Affected version(s) =dev-demo <dev-master
Fix Suggestion:
Update to version dev-master
wollnerstudios/assetpipeline (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
tinindja/microweber-for-laravel-5.8 (PHP):
Affected version(s) >=oop-preview <0.9.5.x-dev
Fix Suggestion:
Update to version 0.9.5.x-dev
mopa/symfony-framework-bootstrap-edition (PHP):
Affected version(s) >=2.2.x-dev <=2.3.x-dev
Fix Suggestion:
Update to version no_fix
neos/twitter-bootstrap (PHP):
Affected version(s) =3.0.8 <dev-flow_7
Fix Suggestion:
Update to version dev-flow_7
skeeks/yii2-template-smarty (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
kylekatarnls/jade-php (PHP):
Affected version(s) >=3.3.0 <=3.3.1
Fix Suggestion:
Update to version no_fix
pug-php/pug (PHP):
Affected version(s) >=2.7.4 <3.0.0-RC2
Fix Suggestion:
Update to version 3.0.0-RC2
neos/twitter-bootstrap (PHP):
Affected version(s) =dev-task/flow-9.0-compat
Fix Suggestion:
Update to version no_fix
torann/skosh (PHP):
Affected version(s) =dev-master <0.2.0
Fix Suggestion:
Update to version 0.2.0
pug-php/pug (PHP):
Affected version(s) =2.1.2 <2.1.3
Fix Suggestion:
Update to version 2.1.3
jabapoint/cobra (PHP):
Affected version(s) >=dev-master <=0.7
Fix Suggestion:
Update to version no_fix
silverstripe-themes/module_bootstrap (PHP):
Affected version(s) >=dev-breadcrumb <dev-master
Fix Suggestion:
Update to version dev-master
neos/twitter-bootstrap (PHP):
Affected version(s) >=dev-main <historic-1.0.0-alpha5
Fix Suggestion:
Update to version historic-1.0.0-alpha5
flower (PYTHON):
Affected version(s) >=0.8.3 <2.0.0
Fix Suggestion:
Update to version 2.0.0
Related Resources (2)
https://github.com/twbs/bootstrap/pull/3421
https://github.com/twbs/bootstrap/commit/f836473129819c2e348f821ed268451b9b8bf2e4
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE