20 matches found
EUVD-2018-0462
Malware in sbrugna...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
K05380109: Bootstrap vulnerability CVE-2018-14041
Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. CVE-2018-14041 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack. Security Advisory Status F5 Product Development has assigned ID 767373...
SUSE CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...
GHSA-PJ7M-G53M-7638 Bootstrap Cross-site Scripting vulnerability
In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042...
Bootstrap Cross-site Scripting vulnerability
In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042...
Bootstrap Cross-Site Scripting Vulnerability
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript . A cross-site scripting vulnerability exists in the data-target attribute of scrollspy in Bootstrap versions prior to 4.1.2. A remote attacker can exploit this vulnerability to inject arbitrary web scrip...
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
Design/Logic Flaw
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
CVE-2018-14041
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy...
CVE-2018-14041
CVE-2018-14041 affects Bootstrap: XSS in the data-target attribute of scrollspy for Bootstrap versions before 4.1.2. The root cause is unvalidated input in data-target, enabling HTML/JS injection. Remediation is to upgrade to Bootstrap 4.1.2 or later (as referenced by Bootstrap’s security note). ...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target property of scrollspy...