BlackFan

CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

➖ Requires user interaction

➖ Requires $('[data-toggle="tooltip"]').tooltip();

code2319

# ci/cd varibles:
# 1. DEFECTDOJO_URL (not masked)
# 2. DEFECTDOJO_TOKEN (masked)
# 3. DEFECTDOJO_PRODUCTID (not masked)

include:
  - template: Security/Secret-Detection.gitlab-ci.yml
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Container-Scanning.gitlab-ci.yml