Lucene search

K
osvGoogleOSV:GHSA-7MVR-5X2G-WFC8
HistorySep 13, 2018 - 3:50 p.m.

Bootstrap Cross-site Scripting vulnerability

2018-09-1315:50:32
Google
osv.dev
116
bootstrap
xss
vulnerability
tooltip
data-container
versions 3.4.0
4.1.2
cve-2018-14041

AI Score

6.4

Confidence

High

EPSS

0.005

Percentile

75.6%

In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041.

References