
[Escalated to 2nd tier] Received word that Bootstrap has an XSS Vulnerability in versions prior to 3.4.1

This support ticket was created 6 years, 7 months ago. There's a good chance that you are reading advice that is now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.


This topic contains 1 reply and has 2 posts.

Last updated by Waqar 6 years, 7 months ago.

Assisted by: Waqar.

Author
Posts
#1203991

There is an article on WP Tavern (hidden link) that mentions an XSS Vulnerability in older versions of Bootstrap. Your product uses Bootstrap and has the option to load a copy. What version of Bootstrap 3 is being loaded by Toolset and is there a way to update/make sure it uses the most current version to avoid issues?

Thank you.

#1204647

Hi Jonathon,

Thanks for asking! I'd be happy to help.

Based on the report that you've mentioned, work is already underway to update the Bootstrap 3 that is included through Toolset, to use the latest patch.

I'm afraid I don't have a time estimate to share at this time, but I'll keep you updated with the progress through this ticket.

Meanwhile, if you'd like to load this Bootstrap 3.4.1 on your website manually, you can select the option "The theme or another plugin is already loading Bootstrap 3.0" from "WP Admin -> Toolset -> Settings -> General", which will stop the loading of Toolset's packed Bootstrap files.

After that you can load the Bootstrap files from your theme, as explained in these guides:

hidden link
hidden link
hidden link

For more personalized assistance around the custom code, you can also consider hiring a professional from our list of recommended contractors:
https://toolset.com/contractors/

regards,
Waqar
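
To check which Bootstrap 3 copies a site is actually shipping before and after switching to a theme-loaded 3.4.1, the following added example (not part of the thread and not Toolset's code) scans a `wp-content` tree and flags any 3.x file below 3.4.1. It assumes the files keep Bootstrap's standard banner comment; the plugin and theme paths in the sample are constructed.

```python
import re
import tempfile
from pathlib import Path

# Banner that Bootstrap's dist files carry in their leading comment,
# e.g. "Bootstrap v3.3.7 (http://getbootstrap.com)".
BANNER = re.compile(rb"Bootstrap v(\d+)\.(\d+)\.(\d+)")
FIXED = (3, 4, 1)  # threshold from the thread: versions prior to 3.4.1


def bootstrap_version(path):
    """Return (major, minor, patch) from the file's banner, or None."""
    with open(path, "rb") as fh:
        m = BANNER.search(fh.read(512))  # the banner sits at the top of the file
    return tuple(int(g) for g in m.groups()) if m else None


def audit(root):
    """Map each Bootstrap 3 .js/.css file under root to (version, needs_update)."""
    report = {}
    for p in sorted(Path(root).rglob("*")):
        if p.is_file() and p.suffix in (".js", ".css") and "bootstrap" in p.name.lower():
            v = bootstrap_version(p)
            if v and v[0] == 3:  # the 3.4.1 threshold only applies to the 3.x line
                report[p.relative_to(root).as_posix()] = (v, v < FIXED)
    return report


def demo():
    """Run the audit over a constructed wp-content tree (all paths are made up)."""
    with tempfile.TemporaryDirectory() as d:
        samples = {
            "plugins/example-plugin/res/bootstrap.min.js":
                "/*!\n * Bootstrap v3.3.7 (http://getbootstrap.com)\n */",
            "themes/example-child/js/bootstrap.min.js":
                "/*!\n * Bootstrap v3.4.1 (https://getbootstrap.com/)\n */",
            "themes/example-child/js/bootstrap-helper.js": "// no banner here",
        }
        for rel, banner in samples.items():
            f = Path(d, rel)
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_text(banner)
        return audit(d)


if __name__ == "__main__":
    for name, (ver, stale) in demo().items():
        print(name, ".".join(map(str, ver)), "UPDATE" if stale else "ok")
```

On a real site, call `audit()` with the path to `wp-content`; a file whose banner was stripped by a build step is not reported and needs a manual check.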