Back to search
CVE-2018-14041
Published: Jul 13, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20190509 dotCMS v5.1.1 Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability
mailing-list
x_refsource_FULLDISC
20190510 dotCMS v5.1.1 Vulnerabilities
mailing-list
x_refsource_FULLDISC
20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability
mailing-list
x_refsource_FULLDISC
RHSA-2019:1456
vendor-advisory
x_refsource_REDHAT
[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1
mailing-list
x_refsource_MLIST
[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities
mailing-list
x_refsource_MLIST
https://www.oracle.com/security-alerts/cpuApr2021.html
x_refsource_MISC
https://github.com/twbs/bootstrap/pull/26630
x_refsource_MISC
https://github.com/twbs/bootstrap/issues/26423
x_refsource_MISC
https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
x_refsource_MISC
https://github.com/twbs/bootstrap/issues/26627
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now