Sha256: 7a2e903b7629c2b03f77771672d9330a06d6215921b95350c35a47ad09e6f1e5
Contents?: true
Size: 593 Bytes
Versions: 1
Compression:
Stored size: 593 Bytes
Contents
---
gem: bootstrap
cve: 2018-14040
url: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
title: XSS vulnerabilities via data-parent, data-target, data-container in bootstrap
date: 2018-07-03
description: |
In Bootstrap before 4.1.2, XSS is possible in collapse data-parent
attribute (CVE-2018-14040), data-target property of scrollspy
(CVE-2018-14041), data-container property of tooltip (CVE-2018-14042)
cvss_v2: 4.3
cvss_v3: 6.1
patched_versions:
- '>= 4.1.2'
related:
cve:
- 2018-14041
- 2018-14042
url:
- https://github.com/twbs/bootstrap/issues/26423
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/bootstrap/CVE-2018-14040.yml |