Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-0174

Malware in sbrugna...

6.1CVSS6.5AI score0.0404EPSS
Exploits1References31
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/18 9:0 p.m.41 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross Site Scripting') in Bootstrap (CVE-2018-14041)

Summary Bootstrap is used by IBM Storage Ceph as a CSS framework. CVE-2018-14041 This bulletin identifies the steps to take to address the vulnerability in Bootstrap. Vulnerability Details CVEID: CVE-2018-14041 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper...

6.1CVSS6.6AI score0.04293EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/12 12:0 a.m.91 views

RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:5693)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5693 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

9.8CVSS6.4AI score0.04293EPSS
Exploits3References64
Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.52 views

F5 Networks BIG-IP : Bootstrap vulnerability (K000133673)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.3 / 14.1.2.4 / 15.1.0 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000133673 advisory. - In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the...

6.1CVSS6.7AI score0.04293EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/04/20 12:0 a.m.67 views

F5 Networks BIG-IP : Bootstrap vulnerability (K05380109)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K05380109 advisory. In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.CVE-2018-14041ImpactAn attacker...

6.1CVSS6.7AI score0.04293EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.80 views

K05380109: Bootstrap vulnerability CVE-2018-14041

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. CVE-2018-14041 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack. Security Advisory Status F5 Product Development has assigned ID 767373...

6.1CVSS6.4AI score0.04293EPSS
Exploits1Affected Software14
Tenable Nessus
Tenable Nessus
added 2020/10/28 12:0 a.m.48 views

Amazon Linux 2 : ipa (ALAS-2020-1519)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1519 advisory. jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.9CVSS6.5AI score0.99019EPSS
Exploits17References21
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/29 3:10 p.m.47 views

Security Bulletin: IBM Cloud Private Monitoring is vulnerable to XSS attack in Prometheus (CVE-2018-14041)

Summary IBM Cloud Private Monitoring is vulnerable to XSS attack in Prometheus Vulnerability Details CVEID: CVE-2018-14041 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. A remote attacker...

6.1CVSS0.4AI score0.04293EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/23 6:0 p.m.37 views

Security Bulletin: API Connect V5 is impacted by vulnerabilities in Bootstrap (CVE-2018-14040 CVE-2018-14041 CVE-2018-14042)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-14042 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the the data-container property of tooltip. A remote attacker could...

6.1CVSS0.6AI score0.04293EPSS
Exploits3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/03/15 12:0 a.m.242 views

JVN#06527859: KinagaCMS vulnerable to cross-site scripting

KinagaCMS is an opensource Contents Management System CMS. KinagaCMS uses the old version of Bootstrap thus inherits multiple cross-site scripting vulnerabilities CWE-79: CVE-2018-14040, CVE-2018-14041, CVE-2019-8331 existed in Bootstrap. Impact The information on the system may be obtained or...

6.1CVSS6.7AI score0.1686EPSS
Exploits3
Circl
Circl
added 2019/01/09 8:48 a.m.6 views

CVE-2018-14041

creationtimestamp| type| source ---|---|--- 2019-01-09 08:48:33+00:00| seen| https://t.me/cibsecurity/1927 2024-09-12 10:16:41+00:00| seen| Telegram/KQJ2fokDRUpEEMEdtilLJpNYW94QEwCQWFCqP7BH6XiY 2024-11-22 19:21:06+00:00| seen| Telegram/7xy8m8D7fgOGwoIR6HjmmP2At3jdJJYpZoVCZOBhctBhpw 2024-11-22...

6.1CVSS6.7AI score0.04293EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/01/09 5:29 a.m.64 views

CVE-2016-10735

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

6.1CVSS6.7AI score0.0404EPSS
Exploits1References7
CVE
CVE
added 2019/01/09 5:0 a.m.571 views

CVE-2016-10735

CVE-2016-10735 affects Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, enabling cross-site scripting via the data-target attribute. This is a distinct issue from CVE-2018-14041. The vulnerability arises from improper handling of data-target, allowing injected scripts/HTML through...

6.1CVSS6.2AI score0.0404EPSS
Exploits1References13Affected Software1
Github Security Blog
Github Security Blog
added 2018/09/13 3:50 p.m.411 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041...

6.1CVSS6.4AI score0.04009EPSS
Exploits1References24Affected Software5
vulnersOsv
vulnersOsv
added 2018/09/13 3:49 p.m.6 views

com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14041 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)

org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...

6.1CVSS6.6AI score0.04293EPSS
Exploits1
RubySec
RubySec
added 2018/09/13 12:0 a.m.43 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041...

6.1CVSS6.1AI score0.04293EPSS
Exploits2References1Affected Software1
RubySec
RubySec
added 2018/09/13 12:0 a.m.34 views

Bootstrap Cross-site Scripting vulnerability

In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041...

6.1CVSS6.1AI score0.04293EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/07/13 2:29 p.m.48 views

CVE-2018-14041

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...

6.1CVSS6.7AI score0.04293EPSS
Exploits1References5
Cvelist
Cvelist
added 2018/07/13 2:0 p.m.30 views

CVE-2018-14041

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...

6.2AI score0.04293EPSS
Exploits1References17
CVE
CVE
added 2018/07/13 2:0 p.m.520 views

CVE-2018-14041

CVE-2018-14041 affects Bootstrap: XSS in the data-target attribute of scrollspy for Bootstrap versions before 4.1.2. The root cause is unvalidated input in data-target, enabling HTML/JS injection. Remediation is to upgrade to Bootstrap 4.1.2 or later (as referenced by Bootstrap’s security note). ...

6.1CVSS6AI score0.04293EPSS
Exploits1References17Affected Software1
Rows per page
Query Builder