Lucene search

K
rubygemsRubySecRUBY:BOOTSTRAP-2018-14040
HistoryJul 02, 2018 - 9:00 p.m.

XSS vulnerabilities via data-parent, data-target, data-container in bootstrap

2018-07-0221:00:00
RubySec
rubysec.com
173

In Bootstrap before 4.1.2, XSS is possible in collapse data-parent
attribute (CVE-2018-14040), data-target property of scrollspy
(CVE-2018-14041), data-container property of tooltip (CVE-2018-14042)

CPENameOperatorVersion
bootstraplt4.1.2
Related for RUBY:BOOTSTRAP-2018-14040