{"id":93277,"date":"2024-09-29T12:05:57","date_gmt":"2024-09-29T04:05:57","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=92716"},"modified":"2025-03-24T12:55:18","modified_gmt":"2025-03-24T04:55:18","slug":"new-bootstrap-vulnerabilities-to-watch","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2024\/09\/new-bootstrap-vulnerabilities-to-watch\/","title":{"rendered":"New Bootstrap Vulnerabilities to Watch"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"93277\" class=\"elementor elementor-93277\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>New Bootstrap vulnerabilities could spell trouble for those with websites or web apps running Bootstrap 3 or Bootstrap 4, which are end of life and no longer community-supported.\u00a0<\/p><p>Keep reading to find out how these vulnerabilities can be exploited to engineer cross-site scripting (XSS) attacks and what to do to enhance your Bootstrap security.\u00a0<\/p><h2 id=\"recently-disclosed-bootstrap-vulnerabilities-who-is-impacted\">Recently Disclosed Bootstrap Vulnerabilities: Who Is Impacted?<\/h2><div><p><span class=\"TextRun SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">In July 2024, three vulnerabilities affecting end-of-life (EOL) versions Bootstrap were disclosed:<\/span><span class=\"EOP SCXW237692612 BCX0\">\u00a0<\/span><\/p><\/div><div><ul><li><a class=\"Hyperlink SCXW237692612 BCX0\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-6484\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6484<\/span><\/a><span class=\"EOP SCXW237692612 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><ul><li><a class=\"Hyperlink SCXW237692612 BCX0\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-6485\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6485<\/span><\/a><span class=\"EOP SCXW237692612 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><ul><li><a class=\"Hyperlink SCXW237692612 BCX0\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-6531\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6531<\/span><\/a><span class=\"TextRun SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0<\/span><span class=\"EOP SCXW237692612 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><p><span class=\"TextRun SCXW237692612 BCX0 NormalTextRun\" lang=\"EN-US\">All three CVEs received a CVSS score of 6.4 from the National Vulnerability Database, indicating medium severity.\u00a0<\/span><span class=\"EOP SCXW237692612 BCX0\">\u00a0<\/span><\/p><p><em>Learn more about\u00a0<\/em><a href=\"https:\/\/www.openlogic.com\/blog\/understanding-cves-cvss-scores\"><em>CVEs and CVSS Scores<\/em><\/a><em>\u00a0&gt;&gt;<\/em><\/p><p><span class=\"TextRun SCXW129589062 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6484 and CVE-2024-6485 impacts Bootstrap 3 and CVE-2024-6531 affects Bootstrap 4. If you have applications or websites running either of these EOL versions, you are at risk.<\/span><span class=\"EOP SCXW129589062 BCX0\">\u00a0<\/span><\/p><a class=\"back-to-top\" href=\"https:\/\/www.openlogic.com\/blog\/bootstrap-vulnerabilities-to-watch#top\">Back to top<\/a><h2 id=\"how-do-these-bootstrap-vulnerabilities-work\">How Do These Bootstrap Vulnerabilities Work?<\/h2><div><p><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6484 and CVE-2024-6531 are identical cross-site scripting (XSS) vulnerabilities in the Bootstrap carousel component targeting different Bootstrap versions. This component allows you to define slide behavior of links in the carousel via\u00a0<\/span><a class=\"Hyperlink SCXW108227794 BCX0\" href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Learn\/HTML\/Howto\/Use_data_attributes\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">\u201cdata\u201d attributes<\/span><\/a><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">. The exploit can be\u00a0<\/span><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun SpellingErrorV2Themed\" lang=\"EN-US\">achieved<\/span><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0if user-supplied values are provided for these attributes without adequate sanitization.<\/span><span class=\"EOP SCXW108227794 BCX0\">\u00a0<\/span><\/p><\/div><div><p><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">CVE-2024-6485 is a similar\u00a0<\/span><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun ContextualSpellingAndGrammarErrorV2Themed\" lang=\"EN-US\">vulnerability, but<\/span><span class=\"TextRun SCXW108227794 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0targets the button plugin and its loading text state.<\/span><span class=\"EOP SCXW108227794 BCX0\">\u00a0<\/span><\/p><h2 id=\"consequences-and-costs-of-a-cross-site-scripting-attack\"><span class=\"EOP SCXW108227794 BCX0\">Consequences and Costs of a Cross-Site Scripting Attack<\/span><\/h2><div><div><p><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">As\u00a0<\/span><span class=\"TextRun Underlined SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">defined by the\u00a0<\/span><a href=\"https:\/\/owasp.org\/www-community\/attacks\/xss\/\" target=\"_blank\" rel=\"noopener\"><span class=\"TextRun Underlined SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">Open Worldwide Application Security Project (OWASP)<\/span><\/a><span class=\"TextRun Underlined SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">, a cross-site scripting (XSS)\u00a0<\/span><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">attack is a vector by which a malicious script is injected into a website. These can be relatively trivial, and just inject new content or data into the website \u2014 or more nefarious, and transmit data, like session login information, to a third party under the attacker\u2019s control.\u00a0\u00a0<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/p><\/div><div><p><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">Some examples of what can be accomplished via an XSS attack:<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/p><\/div><div><ul><li><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">Form contents could be sent to a third party instead of the site, leading to leakage of PII or financial information.<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><ul><li><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">A link could submit a form to a malicious site, returning data that the\u00a0<\/span><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun ContextualSpellingAndGrammarErrorV2Themed\" lang=\"EN-US\">browser than<\/span><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0assumes is trusted, but in fact contains and executes additional malicious code.<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><ul><li><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">A session cookie could be hijacked and used by the attacker to gain access to the user session and data on the website. The attacker can now impersonate the user and gain access to their information, which might include PII or payment methods. If the user has admin privileges on the website, the attacker could gain access to administration tools, potentially changing any content on the site.<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><div><ul><li><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">A script could modify site contents, such as a press release or blog post, providing false information to consumers and damaging the credibility of the site owner.<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/li><\/ul><\/div><\/div><div><p><span class=\"TextRun SCXW133742915 BCX0 NormalTextRun\" lang=\"EN-US\">While XSS attacks have been known about and categorized for literally decades, they are still serious security concerns for web-based applications.<\/span><span class=\"EOP SCXW133742915 BCX0\">\u00a0<\/span><\/p><a class=\"back-to-top\" href=\"https:\/\/www.openlogic.com\/blog\/bootstrap-vulnerabilities-to-watch#top\">Back to top<\/a><h2 id=\"mitigation-and-how-to-improve-bootstrap-security\"><span class=\"EOP SCXW133742915 BCX0\">Mitigation and How to Improve Bootstrap Security<\/span><\/h2><div><p><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">There are\u00a0<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun AdvancedProofingIssueV2Themed\" lang=\"EN-US\">a number of<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0general measures you can take to mitigate XSS attacks. The most basic is to validate all user\u00a0<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun ContextualSpellingAndGrammarErrorV2Themed\" lang=\"EN-US\">input, and<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0use robust sanitization and normalization measures when rendering user-provided input to prevent script injection from occurring in the first place. Additionally, you can set things such as\u00a0<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun SpellingErrorV2Themed\" lang=\"EN-US\">HttpOnly<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0cookies, which prevents JavaScript from accessing cookies, and add Content Security Policy HTTP headers, which prevents third-party JavaScript.\u00a0<\/span><span class=\"EOP SCXW124766302 BCX0\">\u00a0<\/span><\/p><\/div><div><p><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">However, when using third-party JavaScript frameworks such as Bootstrap, sometimes you cannot audit every bit of JS that your application executes.\u00a0<\/span><span class=\"EOP SCXW124766302 BCX0\">\u00a0<\/span><\/p><\/div><div><p><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">In those cases, you can apply your own patch or migrate to the current version of Bootstrap, Bootstrap 5. If neither of those are possible, it is recommended to get long-term support through a commercial partner like\u00a0<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun SpellingErrorV2Themed\" lang=\"EN-US\">OpenLogic<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0so that you have access to patches when vulnerabilities affecting EOL versions are disclosed.\u00a0<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun SpellingErrorV2Themed\" lang=\"EN-US\">OpenLogic<\/span><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0has patched all three of these CVEs for our\u00a0<\/span><a class=\"Hyperlink SCXW124766302 BCX0\" href=\"https:\/\/www.openlogic.com\/solutions\/bootstrap-support-and-services\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"TextRun Underlined SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">Bootstrap LTS<\/span><\/a><span class=\"TextRun SCXW124766302 BCX0 NormalTextRun\" lang=\"EN-US\">\u00a0customers.\u00a0<\/span><span class=\"EOP SCXW124766302 BCX0\">\u00a0<\/span><\/p><a class=\"back-to-top\" href=\"https:\/\/www.openlogic.com\/blog\/bootstrap-vulnerabilities-to-watch#top\">Back to top<\/a><h2 id=\"final-thoughts\"><span class=\"EOP SCXW124766302 BCX0\">Final Thoughts<\/span><\/h2><p>Once open source software reaches end of life, vulnerabilities become harder to deal with since you can&#8217;t rely on the community to provide a fix quickly. As described above, the fallout from XSS attacks can be somewhat minor (false information\/vandalism to your site) or devastating (sensitive customer data stolen), so if you are running an older version of Bootstrap, it&#8217;s time to upgrade or make sure you have an LTS provider.\u00a0<\/p><\/div><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"91828\" class=\"elementor elementor-91828\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6461a578 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"6461a578\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2f063c39\" data-id=\"2f063c39\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-14e1df2a elementor-widget elementor-widget-text-editor\" data-id=\"14e1df2a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About Perforce <\/strong><br>The best run DevOps teams in the world choose Perforce. Perforce products are purpose-built to develop, build and maintain high-stakes applications. Companies can finally manage complexity, achieve speed without compromise, improve security and compliance, and run their DevOps toolchains with full integrity. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce is trusted by the world\u2019s leading brands to deliver solutions to even the toughest challenges. Accelerate technology delivery, with no shortcuts.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>New Bootstrap vulnerabilities could spell trouble for t [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,1298,61],"tags":[1272,1302],"class_list":["post-93277","post","type-post","status-publish","format-standard","hentry","category-1273","category-openlogic","category-press-release","tag-1272","tag-openlogic"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New Bootstrap Vulnerabilities to Watch - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Bootstrap Vulnerabilities to Watch - Version 2\" \/>\n<meta property=\"og:description\" content=\"New Bootstrap vulnerabilities could spell trouble for t [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-29T04:05:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-24T04:55:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/09\\\/new-bootstrap-vulnerabilities-to-watch\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"New Bootstrap Vulnerabilities to Watch\",\"datePublished\":\"2024-09-29T04:05:57+00:00\",\"dateModified\":\"2025-03-24T04:55:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/09\\\/new-bootstrap-vulnerabilities-to-watch\\\/\"},\"wordCount\":704,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"2024\",\"OpenLogic\"],\"articleSection\":[\"2024\",\"Openlogic\",\"Press Release\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/09\\\/new-bootstrap-vulnerabilities-to-watch\\\/\",\"url\":\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/\",\"name\":\"New Bootstrap Vulnerabilities to Watch - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2024-09-29T04:05:57+00:00\",\"dateModified\":\"2025-03-24T04:55:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/guardz.com\\\/blog\\\/12-must-read-books-every-msp-should-own\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Bootstrap Vulnerabilities to Watch\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Bootstrap Vulnerabilities to Watch - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/","og_locale":"en_US","og_type":"article","og_title":"New Bootstrap Vulnerabilities to Watch - Version 2","og_description":"New Bootstrap vulnerabilities could spell trouble for t [&hellip;]","og_url":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/","og_site_name":"Version 2","article_published_time":"2024-09-29T04:05:57+00:00","article_modified_time":"2025-03-24T04:55:18+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/09\/new-bootstrap-vulnerabilities-to-watch\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"New Bootstrap Vulnerabilities to Watch","datePublished":"2024-09-29T04:05:57+00:00","dateModified":"2025-03-24T04:55:18+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/09\/new-bootstrap-vulnerabilities-to-watch\/"},"wordCount":704,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["2024","OpenLogic"],"articleSection":["2024","Openlogic","Press Release"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/09\/new-bootstrap-vulnerabilities-to-watch\/","url":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/","name":"New Bootstrap Vulnerabilities to Watch - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2024-09-29T04:05:57+00:00","dateModified":"2025-03-24T04:55:18+00:00","breadcrumb":{"@id":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/guardz.com\/blog\/12-must-read-books-every-msp-should-own\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"New Bootstrap Vulnerabilities to Watch"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-ogt","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/93277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=93277"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/93277\/revisions"}],"predecessor-version":[{"id":108739,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/93277\/revisions\/108739"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=93277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=93277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=93277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}