From bbabe119266fe7359d8f81768b180cdb1b273d5b Mon Sep 17 00:00:00 2001
From: Trey McCallie <162155285+hdtmccallie@users.noreply.github.com>
Date: Mon, 18 Nov 2024 15:13:21 -0700
Subject: [PATCH] Improve GHSA-vxmc-5x29-h64v

---
 .../GHSA-vxmc-5x29-h64v.json                  | 21 ++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/advisories/unreviewed/2024/07/GHSA-vxmc-5x29-h64v/GHSA-vxmc-5x29-h64v.json b/advisories/unreviewed/2024/07/GHSA-vxmc-5x29-h64v/GHSA-vxmc-5x29-h64v.json
index 198f3451acfc3..d72d05e718db7 100644
--- a/advisories/unreviewed/2024/07/GHSA-vxmc-5x29-h64v/GHSA-vxmc-5x29-h64v.json
+++ b/advisories/unreviewed/2024/07/GHSA-vxmc-5x29-h64v/GHSA-vxmc-5x29-h64v.json
@@ -6,6 +6,7 @@
   "aliases": [
     "CVE-2024-6485"
   ],
+  "summary": "Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes",
   "details": "A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribute, which would then be executed when the button's loading state is triggered.",
   "severity": [
     {
@@ -14,7 +15,25 @@
     }
   ],
   "affected": [
-
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "bootstrap"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "1.4.0"
+            },
+            {
+              "last_affected": "3.4.1"
+            }
+          ]
+        }
+      ]
+    }
   ],
   "references": [
     {