Author Topic: Retirable bootstrap library on Quttera's scan page...

polonus
Retirable bootstrap library on Quttera's scan page...
« on: March 11, 2019, 12:17:59 AM »
Do not panic, just established, and polonus is always on the look-out for javascript hiccups

Bootstrap.js has issues and it is kind of a liability these days.

Weird, we detected retirable bootstrap libraries here: (detected using retire.js extension/confirmed by SNYK (webhint) & Erlend Oftedal's online scanner). Just presented, what was alerted...

Not saying anything malicious found or that that scanner cannot be used,
it is incorporated inside VT results, so kind of above board 8)
Quote
Retire.js
bootstrap   3.0.3   Found in -https://quttera.com/bootstrap/js/bootstrap.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery   1.9.1   Found in -https://quttera.com/bootstrap/js/jquery.js
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   1234
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers

Confirmed by Erlend Oftedal's scanner: https://retire.insecurity.today/#!/scan/5fc870eb188084c667194445ef4b4b1d0f4b74daf39cad31c0b3b66dee22a700

Also found these DOM-XSS issues on quttera's main site with 5 sources and 167 sinks
and 34 sources and 33 sinks in linked /wXw.google.com/jsapi

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
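As an added example (this is not code from the post, from retire.js, from Quttera or from Avast), the following Python checker reads "library version Found in URL" lines in the format quoted above and reports which versions fall inside an affected range. The advisory table uses the atOrAbove/below range style of the retire.js repository, but the version thresholds are my reading of the advisories for the CVE ids this thread lists (an assumption: cross-check them against the retire.js repository or NVD before relying on them). The same checker covers the jquery-ui-dialog and additional jQuery findings in the reply further down.

```python
"""
Flag outdated front-end libraries from retire.js-style "Found in" lines.

Added example for this thread; not code from the post, retire.js or Quttera.
The ADVISORIES table mirrors retire.js's atOrAbove/below range notation, but
the thresholds below are this example's reading of the advisories
(assumption: verify against the retire.js repository or NVD).
"""
import re

# A version is affected by a range when atOrAbove <= version < below.
# CVE ids are the ones the thread lists; thresholds are assumptions (see above).
ADVISORIES = {
    "bootstrap": [
        {"below": "3.4.0", "cves": ["CVE-2018-14040", "CVE-2018-14041", "CVE-2018-14042"]},
        {"below": "3.4.1", "cves": ["CVE-2019-8331"]},
        {"atOrAbove": "4.0.0", "below": "4.1.2",
         "cves": ["CVE-2018-14040", "CVE-2018-14041", "CVE-2018-14042"]},
        {"atOrAbove": "4.0.0", "below": "4.3.1", "cves": ["CVE-2019-8331"]},
    ],
    "jquery": [
        {"below": "1.9.0", "cves": ["CVE-2012-6708"]},
        {"below": "3.0.0", "cves": ["CVE-2015-9251"]},
        {"below": "3.4.0", "cves": ["CVE-2019-11358"]},
    ],
    "jquery-ui-dialog": [
        {"below": "1.12.0", "cves": ["CVE-2016-7103"]},
    ],
}

# Matches e.g. "bootstrap   3.0.3   Found in -https://example.test/bootstrap.js"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+[Ff]ound in\s+-?(\S+)")


def version_tuple(text):
    """'2.1.3.min' -> (2, 1, 3); padded to three parts so '3.4' equals '3.4.0'."""
    m = re.match(r"\d+(?:\.\d+)*", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    parts = tuple(int(p) for p in m.group(0).split("."))
    return parts + (0,) * (3 - len(parts))


def affected(library, version):
    """Return the CVE ids whose affected range contains this library version."""
    v = version_tuple(version)
    cves = []
    for rng in ADVISORIES.get(library, []):
        low = version_tuple(rng.get("atOrAbove", "0"))
        if low <= v < version_tuple(rng["below"]):
            cves.extend(rng["cves"])
    return cves


def scan(report):
    """Parse 'library  version  Found in URL' lines from a pasted scan report.

    Returns a list of (library, version, url, cves); lines that do not follow
    that shape (severity lines, 'Vulnerability info:') are skipped.
    """
    hits = []
    for line in report.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        lib, ver, url = m.groups()
        hits.append((lib, ver, url, affected(lib, ver)))
    return hits


# Constructed sample: the two "Found in" lines quoted in the opening post,
# with one of the scanner's severity lines in between to show it is ignored.
SAMPLE_REPORT = """\
bootstrap   3.0.3   Found in -https://quttera.com/bootstrap/js/bootstrap.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
jquery   1.9.1   Found in -https://quttera.com/bootstrap/js/jquery.js
"""

if __name__ == "__main__":
    for lib, ver, url, cves in scan(SAMPLE_REPORT):
        status = ", ".join(cves) if cves else "no known advisory in table"
        print(f"{lib} {ver} ({url}): {status}")
```

The ranges are deliberately two-sided: a plain "below 3.4.1" rule would wrongly clear Bootstrap 4.0.0, which is above 3.4.1 yet still affected until 4.3.1, so the 4.x branch gets its own entry.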

polonus
Re: Retirable bootstrap library on Quttera's scan page...
« Reply #1 on: May 26, 2019, 12:08:32 AM »
Look here: http://www.backgroundtask.eu/Systeemtaken/taakinfo/152268/BOOTSTRAP.JS/

Example:
bootstrap   3.1.0    found in -https://store.ipced.com/js/bootstrap/bootstrap.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery-ui-dialog   1.10.3   Found in -https://store.ipced.com/js/magentothem/jquery-ui.js
Vulnerability info:
High   CVE-2016-7103 281 XSS Vulnerability on closeText option   
jquery   1.7.2   Found in -https://store.ipced.com/js/magentothem/ma.jq.slide.js
Vulnerability info:
Medium   CVE-2012-6708 11290 Selector interpreted as HTML   
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
jquery   2.1.3.min   Found in -https://store.ipced.com/js/iwd/all/iwd-jquery-2.1.3.min.js
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
prototypejs   1.7   Found in -https://store.ipced.com/js/prototype/prototype.js
jquery-ui-autocomplete   1.10.3   Found in -https://store.ipced.com/js/magentothem/jquery-ui.js
jquery-ui-tooltip   1.10.3   Found in -https://store.ipced.com/js/magentothem/jquery-ui.js

Mage scan report: https://www.magereport.com/scan/?s=https://store.ipced.com/

Susceptible to MiM attacks: Insecure SSL/TLS versions available
HTTP Strict Transport Security (HSTS) not enforced
HSTS header does not contain max-age
HSTS header does not contain includeSubDomains
HSTS header not prepared for preload list inclusion
Secure cookies not used

Vulnerabilities uncovered more easily
X-Powered-By header exposed
Server information header exposed

DOM-XSS issues: Results from scanning URL: -https://store.ipced.com
Number of sources found: 4
Number of sinks found: 364

Results from scanning URL: -https://store.ipced.com/js/scriptaculous/dragdrop.js
Number of sources found: 7
Number of sinks found: 1

Results from scanning URL: -https://store.ipced.com/js/varien/menu.js
Number of sources found: 10
Number of sinks found: 23

Results from scanning URL: -https://store.ipced.com/js/magentothem/ajax_cart_super.js
Number of sources found: 10
Number of sinks found: 11

Results from scanning URL: -https://store.ipced.com/js/magentothem/ajaxlogin/ma.ajaxlogin.js
Number of sources found: 22
Number of sinks found: 19

Results from scanning URL: -https://store.ipced.com/js/scriptaculous/controls.js
Number of sources found: 61
Number of sinks found: 70

and to close that circle: Results from scanning URL: -https://store.ipced.com/js/bootstrap/bootstrap.js
Number of sources found: 77 like ).parent().parent().parent().parent().parent().parent().parent().parent().parent()
Number of sinks found: 17 form.action = url;  & var data=
&
Results from scanning URL: -https://store.ipced.com/js/bootstrap/bootstrap.js
Number of sources found: 305 this.position.top = data.top;
Number of sinks found: 59 value= input

Important security issue for this site:
https://support.hypernode.com/knowledgebase/how-to-protect-your-magento-store-against-brute-force/
because Admin panel found on /rss/catalog, /admin or /downloader.

615 recommendations for website improvement, many of them security related, found by SNYK among others; see:
https://webhint.io/scanner/8b12ce83-a52a-430f-a8ca-370e47708089
disown-opener issues, no-disallowed headers, no-protocol-relative-urls, sri, strict-transport-security (80 instances),
x-content-type-options, ssllabs.

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: May 26, 2019, 12:23:51 AM by polonus »
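As an added example (not code from the post or from MageReport), here is a Python header audit that reproduces the transport-security items in the reply's scan list: HSTS missing, max-age missing, includeSubDomains missing, not ready for the preload list, cookies without the Secure flag, and X-Powered-By / Server disclosure. The preload rule (max-age of at least one year, includeSubDomains and the preload token) is the hstspreload.org submission requirement as I understand it, and treating only a Server value with a product/version token as "information exposed" is this example's own choice; both are assumptions. The response headers are constructed samples.

```python
"""
Audit HTTPS response headers for the items a MageReport-style scan lists.

Added example; not code from the forum post or from MageReport. The preload
threshold and the Server-header rule are this example's assumptions.
"""

ONE_YEAR = 31536000  # seconds; hstspreload.org minimum max-age (assumption)


def parse_hsts(value):
    """'max-age=63072000; includeSubDomains; preload' -> lower-cased directive dict."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        directives[name.strip().lower()] = val.strip().strip('"')
    return directives


def cookie_is_secure(set_cookie):
    """True when the Set-Cookie attributes after the name=value pair include Secure."""
    attrs = [a.strip().lower() for a in set_cookie.split(";")[1:]]
    return "secure" in attrs


def audit_headers(headers):
    """headers: list of (name, value) pairs as received; Set-Cookie may repeat.

    Returns findings worded like the scan report in the thread, in a fixed order.
    """
    by_name = {}
    for name, value in headers:
        by_name.setdefault(name.lower(), []).append(value)

    findings = []
    hsts = by_name.get("strict-transport-security")
    if not hsts:
        findings.append("HTTP Strict Transport Security (HSTS) not enforced")
    else:
        d = parse_hsts(hsts[0])
        max_age = d.get("max-age")
        has_max_age = max_age is not None and max_age.isdigit()
        if not has_max_age:
            findings.append("HSTS header does not contain max-age")
        if "includesubdomains" not in d:
            findings.append("HSTS header does not contain includeSubDomains")
        preload_ready = (has_max_age and int(max_age) >= ONE_YEAR
                         and "includesubdomains" in d and "preload" in d)
        if not preload_ready:
            findings.append("HSTS header not prepared for preload list inclusion")

    cookies = by_name.get("set-cookie", [])
    if cookies and not all(cookie_is_secure(c) for c in cookies):
        findings.append("Secure cookies not used")

    if "x-powered-by" in by_name:
        findings.append("X-Powered-By header exposed")
    # Assumption: a bare product name ("nginx") is tolerated; "product/version" is not.
    if any("/" in v for v in by_name.get("server", [])):
        findings.append("Server information header exposed")
    return findings


# Constructed sample responses (not captured from any real site).
WEAK_RESPONSE = [
    ("Server", "Apache/2.4.29 (Ubuntu)"),
    ("X-Powered-By", "PHP/7.0.33"),
    ("Set-Cookie", "frontend=abc123; path=/; HttpOnly"),
    ("Content-Type", "text/html; charset=UTF-8"),
]

HARDENED_RESPONSE = [
    ("Strict-Transport-Security", "max-age=63072000; includeSubDomains; preload"),
    ("Set-Cookie", "frontend=abc123; path=/; Secure; HttpOnly"),
    ("Server", "nginx"),
    ("Content-Type", "text/html; charset=UTF-8"),
]

if __name__ == "__main__":
    for label, resp in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit_headers(resp) or ["no findings"])
```

Feed it the header list from a fetched response (for example `list(response.headers.items())` from an HTTP client that preserves repeated Set-Cookie headers) and compare the findings against the scan output; a short max-age such as `max-age=300` passes the first two HSTS checks but still fails preload readiness.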